Twitter’s thin veil of security went into full meltdown at 19:00 UTC on Wednesday.
Within minutes, an apparently coordinated hack began: A mass takeover of the most prominent names in crypto. Within hours, even Barack Obama’s account was compromised.
The messages pumped a bitcoin giveaway scam associated with an organization called “Crypto For Health.”
First, they came for Binance’s account. Gemini was next. Then Coinbase. CoinDesk. Justin Sun. Charlie Lee. Bitcoin.org. Kucoin. Bitfinex. The Tron Foundation. Ripple.
Millions of collective followers began seeing the same, cloying message: “I am giving back to my fans. All Bitcoin sent to my address below will be sent back doubled.”
About one hour in, the hack ditched its “Crypto For Health” tagline and went mainstream. Elon Musk’s account led the charge. Then Bill Gates. Then Elon Musk’s account came back for more. Kanye showed up an hour later. Jeff Bezos promised $50 million. Michael Bloomberg. Joe Biden. Barack Obama.
"I'm feeling generous because of Covid-19. I'll double any BTC payment sent to my BTC address for the next hour. Good luck, and stay safe out there!" Musk's account tweeted out. That post, like many of them, has since been deleted. (The hacker returned to Musk’s account for a second (and third) round, however.)
Apple, Uber get hit
By 21:00 UTC the hack had moved on to the tech giants. Apple’s account promised to double your bitcoin. Uber’s said it would return $10 million to users.
Hackers all linked to or directly promoted a single bitcoin wallet address. Some fell for it. By press time the wallet had received 11.5 BTC worth $106,200 and sent out 5.8 BTC worth $53,600 in 278 transactions.
The hacked accounts collectively had at least 139.6 million followers.
What was so perplexing about this hack was that some of these accounts had two-factor authentication. At least CoinDesk's did.
With no easy explanation for how a single hack could target so many prominent Twitter accounts from such a broad spectrum – technology, entertainment, philanthropy, politics – Twitter users began to grasp for rumors. In the end, crypto was just once again ahead of the curve.
As news of the hack began to creep into the mainstream media, Twitter’s stock plunged 4% in after-hours trading.
This is a developing story.