Twitter accounts of major tech figures, crypto exchanges and Joe Biden compromised in far-reaching attack

Quick Take

  • A wide range of Twitter accounts were compromised Wednesday, including crypto exchanges and companies as well as major figures like Joe Biden, Bill Gates and Elon Musk.
  • The tweets posted variations on the same theme: promoting bitcoin/crypto giveaway scams, which try and trick people into sending funds to an address in the hope of receiving more.
  • Twitter said it was a “coordinated social engineering attack” by hackers “who successfully targeted some of our employees with access to internal systems and tools.”

UPDATE (12:05 ET): Twitter said it was a "coordinated social engineering attack" by hackers "who successfully targeted some of our employees with access to internal systems and tools."

UPDATE (6:20 PM ET):
Twitter said "[y]ou may be unable to Tweet or reset your password while we review and address this incident." Specifically, verified accounts are currently affected by Twitter's ongoing response.


An array of Twitter accounts owned by popular tech figures, major crypto exchanges and assorted verified and unverified accounts were targeted in a wide-ranging attack on Twitter, with the accounts in question being used to share crypto giveaway scams.

Below is a list of the major accounts known to have been affected.

The incident — which is still developing — began among crypto-centric accounts, starting with exchange Binance and its CEO, Changpeng Zhao. Prior to having his Twitter account hacked, Zhao warned his followers to "not click" on the giveaway link and report the Binance account "immediately." That warning was soon been deleted.

Many of the tweets from the crypto-sphere included the same message: "We have partnered with CryptoForHealth and are giving back 5000 BTC to the community," the tweets read. 

But as time went on, it seems as if Twitter moved to prevent that specific message from being posted. It was around then that a broader array of mainstream accounts were used to spread the giveaway scams, posting direct addresses — a tactic seen in the past — rather than sharing a link to a dedicated website.

A number of the tweets, including those posted to major accounts, have since been deleted. But it is unclear to what degree the original owners have control of their respective accounts. For example, posts on Elon Musk's account appear to be continuously deleted, only for new messages to be posted right after.

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

It's unclear as to the source of the attack, though some have speculated that the wide-reaching nature of the attack means that Twitter's platform was compromised in some way. The Block has contacted Twitter for comment and will update this space if we hear back. In the absence of a specific statement, however, Twitter shared on its official account:

 

 

A bitcoin address tied to the scam website's message has collected more than 0.65 BTC in proceeds as of press time, an amount worth roughly $6,000. Other addresses circulating on social media show thousands of dollars in crypto being sent, but it's unclear whether that represents organic inbound activity. 

This is a developing story and will be updated.


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.