Twitter Hacking Spree Draws Questions Over Its Security
The official Twitter accounts of Apple, Elon Musk, Jeff Bezos and others were hijacked on Wednesday in a massive hack by scammers trying to dupe people into sending the cryptocurrency bitcoin.
The list of accounts commandeered grew rapidly to include Joe Biden, Barack Obama, Uber, Microsoft co-founder Bill Gates, bitcoin specialty firms and many others.
Twitter said late Wednesday that the hackers obtained control of employee credentials to hijack the accounts.
"We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools," the company said in a series of tweets.
The hackers then "used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf."
According to Reuters, the company statements confirmed the fears of security experts that the service itself - rather than users - had been compromised.
Twitter disabled the ability to tweet from validated accounts, those with the official blue checkmarks, for about two hours while working on a fix.
"Most accounts should be able to Tweet again," the Twitter support team said in an evening update of the situation.
"As we continue working on a fix, this functionality may come and go. We're working to get things back to normal as quickly as possible."
The site Blockchain.com, which monitors transactions made in cryptocurrencies, said a total of 12.58 bitcoins, worth almost $116,000, had been sent to the email addresses mentioned in the fraudulent tweets, AFP reported.
The tweet that appeared on Musk's Twitter feed said, "Happy Wednesday! I am giving back Bitcoin to all of my followers. I am doubling all payments sent to the Bitcoin address below. You send 0.1 BTC, I send 0.2 BTC back!"
It added that the offer was "only going on for 30 minutes."
The fake messages that appeared on the accounts of other famous personalities made similar promises of instant riches.
Twitter has been targeted by hackers in the past.
In March 2017, the accounts of Amnesty International, the French economics ministry and the BBC's North America service were broken into by hackers believed to have been loyal to Turkish President Recep Tayyip Erdogan.
Also, last August, a series of insulting or racist messages were posted on the personal account of Twitter founder Dorsey without his knowledge.