Social media platform Twitter has suffered one of the biggest cyberattacks in its history, hackers breached a number of high-profile accounts, including those of Barak Obama, US presidential candidate Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Elon Musk, Uber, and Apple.
Twitter explained is was victim of a”coordinated social engineering attack” against its employees who gave attackers the access to its internal tools.
All the accounts were compromised simultaneously and threat actors used them to promote a cryptocurrency scam. The attackers posted messages urging the followers of the hacked accounts to send money to a specific bitcoin wallet address to receive back larger sums.
“Everyone is asking me to give back, and now is the time,” reads a messages posted from Bill Gates’ Twitter account said. “You send $1,000, I send you back $2,000.”
Experts also noticed that attackers have changed the email addresses associated with the accounts to delay the response to the hijack.
With this fraudulent scheme, threat actors obtained nearly $120,000 worth of bitcoins (approximately 12.86 bitcoins were amassed by attackers in their wallet) from the unaware followers of the hacked accounts.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” reads a Tweet from the company.
“Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing.”
Attackers initially breached cryptocurrency-focused accounts, such as Bitcoin, Ripple, CoinDesk, Gemini, Coinbase and Binance, all of which were displaying the following Tweet:
“We have partnered with CryptoForHealth and are giving back 5000 BTC to the community,”
the message included a link to a phishing website.
Then, hackers breached the accounts for Apple, Uber, Elon Musk, and Mike Bloomberg inviting their followers to send them bitcoins.
Once discovered the attack, Twitter locked out the attackers and deleted the fraudulent tweets from the compromised accounts, it confirmed that it is working to fix a “security incident.”
“We are aware of a security incident impacting accounts on Twitter,” the messaging platform said in a tweet.
“We are investigating and taking steps to fix it. We will update everyone shortly.”
Despite Twitter suffered other attacks in the past, the extend of this one has no precedents because hackers did not hijack single accounts, instead, they conducted a large scale hack likely after had access to an employee’s administrative access.
At the time it is not clear who is behind this attack, an investigation was immediately launched by the company and federal authorities.
“The accounts appear to have been compromised in order to perpetuate cryptocurrency fraud,” reads a statement issued by the FBI’s San Francisco field office, “We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident.”
(SecurityAffairs – hacking, Twitter)