SAN FRANCISCO • Twitter is probing a massive hack of high-profile users ranging from Tesla chief executive Elon Musk to presidential candidate Joe Biden that has raised questions about the platform’s security as it serves as a megaphone for US politicians ahead of November’s election.
Posts trying to dupe people into sending hackers the virtual currency bitcoin were tweeted by the official accounts of Apple, Uber, rapper Kanye West, Microsoft co-founder Bill Gates, former president Barack Obama and many others on Wednesday.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter said.
The company said the hackers targeted about 130 accounts, and were able to gain control to a “small subset” of the targeted accounts, and send tweets from them.
The fraudulent posts, which were largely deleted, said people had 30 minutes to send US$1,000 in the cryptocurrency, promising they would receive twice as much in return.
A total of 12.58 bitcoins – worth almost US$116,000 (S$161,263)- were sent to e-mail addresses mentioned in the tweets, according to blockchain.com
The Federal Bureau of Investigation’s San Francisco division, which was investigating, said: “We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident.”
The account of President Donald Trump, which has 83.5 million followers, was not targeted. “The President will remain on Twitter,” White House press secretary Kayleigh McEnany said. “His account was secure and not jeopardised during these attacks.”
With the presidential election just over three months away, the influence that social media platforms have on politics has become a hotly debated issue.
Just hours before Wednesday’s hack, the House of Representatives Committee on Oversight and Reform called for the appointment of a national cyber-security czar.
Twitter locked down affected accounts and removed the fraudulent tweets. It also locked accounts not affected by the hack as a precaution.
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
TWITTER, on the hack, which targeted about 130 accounts.
As of Thursday afternoon, the company was “working to help people regain access to their accounts ASAP if they were proactively locked… taking extra steps to confirm that we’re granting access to the rightful owner”.
Vice reported that a Twitter insider was responsible for Wednesday’s hack, citing leaked screenshots and two anonymous sources apparently behind the hack, one of whom told the media outlet he had paid the employee.
United States Senator Josh Hawley tweeted a letter to Twitter chief executive Jack Dorsey, expressing concern over privacy for the company’s millions of users.
“I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself,” he said.
Twitter had stepped up its search for a chief information security officer in recent weeks, two sources told Reuters, before the hack raised alarms about the platform’s security.
Before the hacking campaign, an advertisement went up on a grey market site that facilitates the trade of user accounts for many popular websites, including Twitter.
For US$250 in digital currency, the seller promised they would reveal the e-mail linked to a Twitter account. And for US$2,500, the buyer would get the account itself – satisfaction guaranteed.
“You will be given a full refund if for any reason you aren’t given the e-mail/@,” the poster said, describing the Twitter account with an @ sign.
The ad, a screenshot of which was provided to Reuters by Hudson Rock, an Israeli company that monitors online forums for stolen credentials and breached data, was an early indication that all was not well at Twitter.
The fact that early word of the hack spread on a forum popular with gamers and Instagram account swoppers suggests the incident likely had a nexus with low-level cybercrime rather than nation state-level subterfuge.
“This doesn’t look like a particularly sophisticated hacking group,” said Hudson Rock chief executive Roi Carthy.
AGENCE FRANCE-PRESSE, REUTERS