A series of high-profile Twitter accounts were hijacked on Wednesday, with some of the platform`s top voices – including US presidential candidate Joe Biden, reality television show star Kim Kardashian, former US President Barack Obama, billionaire Elon Musk, Microsoft co-founder Bill Gates and rapper Kanye West, among many others – used to solicit digital currency.
Nearly two hours after the first wave of hacks, the cause of the breach had not yet been made public. In a sign of the seriousness of the problem, Twitter took the extraordinary step of preventing at least some verified accounts from publishing messages altogether.
It was not clear whether all verified users were affected but, if they were, it would have a huge impact on the platform and its users. Verified users include celebrities, journalists, and news agencies as well as governments, politicians, heads of state, and emergency services.
On the other hand, a fake tweet from Tesla CEO Elon Musk’s account read, “Everyone is asking me to give back, and now is the time. I am doubling all payments sent to my BTC address for the next 30 minutes. You send $1,000, I send you back $2,000. Only going on for 30 minutes! Enjoy!”
Some experts said it seemed probable that hackers had access to Twitter`s internal infrastructure.
“It is highly likely that the attackers were able to hack into the back end or service layer of the Twitter application,” said Michael Borohovski, director of software engineering at security company Synopsys.
“If the hackers do have access to the backend of Twitter, or direct database access, there is nothing potentially stopping them from pilfering data in addition to using this tweet-scam as a distraction,” he said.
Twitter said just before 5 p.m. EDT that it was investigating what it later called a “security incident” and would be issuing a statement shortly. However, as of 7 p.m. the company had still not issued an explanation of what exactly took place.
Earlier, some of the platform`s biggest users appeared to be struggling to re-establish control of their Twitter accounts. In the case of billionaire Tesla Chief Executive Elon Musk, for example, one tweet soliciting cryptocurrency was removed and, sometime later, another one appeared, and then a third.
Among the others affected: Amazon founder Jeff Bezos, investor Warren Buffett, Bill Gates and the corporate accounts for Uber and Apple . Several accounts of cryptocurrency-focused organizations were also hijacked.
Altogether, the affected accounts had tens of millions of users.
Biden`s campaign was “in touch” with Twitter, according to a person familiar with the matter. The person said the company had locked down the Democrat`s account “immediately following the breach and removed the related tweet.” Tesla and other affected companies were not immediately available for comment.