Twitter’s thin veil of security went into full meltdown at 19:00 UTC on Wednesday.
Within minutes, an apparently coordinated hack began: A mass takeover of the most prominent names in crypto. Within hours, even Barack Obama’s account was compromised.
The messages pumped a bitcoin giveaway scam associated with an organization called “Crypto For Health.”
First, they came for Binance’s account. Gemini was next. Then Coinbase. CoinDesk. Justin Sun. Charlie Lee. Bitcoin.org. Kucoin. Bitfinex. The Tron Foundation. Ripple.
Millions of collective followers began seeing the same, cloying message: “I am giving back to my fans. All Bitcoin sent to my address below will be sent back doubled.”
About one hour in, the hack ditched its “Crypto For Health” tagline and went mainstream. Elon Musk’s account led the charge. Then Bill Gates. Then Elon Musk’s account came back for more. Kanye showed up an hour later. Jeff Bezos promised $50 million. Michael Bloomberg. Joe Biden. Barack Obama.
"I'm feeling generous because of Covid-19. I'll double any BTC payment sent to my BTC address for the next hour. Good luck, and stay safe out there!" Musk's account tweeted out. That post, like many of them, has since been deleted. (The hacker returned to Musk’s account for a second (and third) round, however.)
Apple, Uber get hit
By 21:00 UTC the hack had moved on to the tech giants. Apple’s account promised to double your bitcoin. Uber’s said it would return $10 million to users.
Hackers all linked to or directly promoted a single bitcoin wallet address. Some fell for it. By press time the wallet had received 11.5 BTC worth $106,200 and sent out 5.8 BTC worth $53,600 in 278 transactions.
The hacked accounts collectively had at least 139.6 million followers.
What was so perplexing about this hack was that some of these accounts had two-factor authentication. At least CoinDesk's did.
With no easy explanation for how a single hack could target so many prominent Twitter accounts from such a broad spectrum – technology, entertainment, philanthropy, politics – Twitter users began to grasp for rumors. In the end, crypto was just once again ahead of the curve.
As news of the hack began to creep into the mainstream media, Twitter’s stock plunged 4% in after-hours trading.
This is a developing story.
CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk offers all employees above a certain salary threshold, including journalists, stock options in the Bullish group as part of their compensation.