CoinDesk's Twitter Hack Proved the Media Can't Rely on Web 2.0

Last week's Twitter hack, which downed a key CoinDesk channel for seven days, showed how news groups are overly dependent on social media.

AccessTimeIconJul 24, 2020 at 9:21 p.m. UTC
Updated Sep 14, 2021 at 9:35 a.m. UTC

A rundown from one of CoinDesk’s editorial Slack channels during an action-packed hour on Wednesday last week reads like a high-pace drama. 

It tells the tale of a news team going through a process of incremental information discovery. 

First, there’s the realization that a big story – a massive hack on Twitter – is developing. Second, there’s the sudden comprehension CoinDesk itself has been targeted in that attack. And, third, there’s the scramble, with limited options and a certain sense of helplessness, to keep social media channels open to get that story out. 

It’s a tale, also, of how media and information services like ours have developed an unhealthy dependency on centralized social media platforms over which they have very little control. 

A growing story

Now that CoinDesk’s Twitter handle has finally, one week later, been restored, we think it would be helpful to include a truncated summary of that Slack conversation. This episode is, after all, a cautionary one:

At 3:21 pm ET on Wednesday, July 15, reporter Danny Nelson shared a screenshot of two side-by-side tweets, one from Binance’s account saying, “We have partnered with CryptoHealth and are giving back 5000 BTC to the community,” the other from Binance CEO Changpeng Zhao telling people not to click on the link and asking them to report the Binance account to Twitter admin. 

“Someone been hacked by the looks of it,” Danny wryly observed. “If CZ was hacked this is some 3D chess.”

From there, CoinDesk’s editorial team sprung into action, figuring out how to cover the story. Two minutes later, reporter Nikhilesh De, chimed in: “Apparently Gemini also got hacked.”

Soon after, reporter Zack Voell noted @AngeloBTC, a well-known bitcoin trader’s account, was also posting the same tweet. Something odd was up. 

From then on, the transcript shows a sense of urgency. Colorful expressions of amazement and expletives fill the flow, as editorial instructions are meted out and journalists add to the list of hacked names from the crypto community: Coinbase, Kucoin and on. 

At 3:45 p.m. ET, as it dawned on the team this was something central to Twitter rather than isolated to individual accounts, reporters David Pan and Nikhilesh De chimed in simultaneously with links to a bombshell tweet: @CoinDesk was tweeting out the same cursed message. 

De proactively tweeted a message from the CoinDesk account via TweetDeck, to which he still had access, warning people to ignore the hackers’ message. Meanwhile, CoinDesk’s head of tech and product, Parker Ferguson, spun up a separate slack channel for editors and tech support to figure out how to address the CoinDesk outage problem. 

Then, at 4:20 p.m. ET, with two teams now scrambling to tackle both the writing and technical needs, reporter Benjamin Powers weighed in with ““Uhhhh” and shared a tweet from Elon Musk’s account. The attack had leapt outside of the crypto community. It would soon grow to encompass the accounts of Apple, Joe Biden, Barack Obama and more than 100 others. 

The lesson is that news organizations like ours, as important as ever in providing trusted information, are overly dependent on the behemoths of the Web 2.0 era.

Reporters and editors shared ideas on how to attack such a big story, but CoinDesk’s Twitter management problems were about to get worse. At 4:39 p.m, De weighed in again to the Slack channel. “F*** I just lost tweetdeck access @channel,” he wrote, quickly adding, “And social flow.”

Not only could the team not delete the offending tweet from the hackers, they could no longer put information out on the @CoinDesk feed. Who knew what else might be hit? Was Twitter protectively shutting down access to its API or did the hackers now have complete control of all our tools? 

“I guess the only good news is that it's not just us,” posted podcast editor Adam B. Levine. “So they [Twitter] have to fix it.  But until then we're passengers on this ride”

A long wait

Through the evening until after midnight, reporters and editors scrambled to get out articles based on this big, multifaceted story, while members of the editorial and tech teams coordinate outreach to Twitter and to come up with jury-rigged solutions to keep an open channel to our Twitter audience. 

The decision was made to shift all tweets to a separate CoinDesk account, @CoinDeskMarkets, and just hope it wouldn’t be taken down. That account, which has less than a 20th of the followers tracking the main @CoinDesk account, became our core Twitter publishing vehicle for the next seven days. 

A waiting period then ensued. Other accounts had their access restored, but @CoinDesk was delayed. It wasn’t until Wednesday this week that we learned why: @CoinDesk was among 36 of the total 130 hacked accounts that had their direct messages accessed.  

Finally, on Thursday, after much wrangling with Twitter administration, CoinDesk’s access to its account was restored. A look at the DMs suggested all was in order. (The DMs from the account are not used very often, either by CoinDesk editors or outside users.)

Lessons learned

So ended a frustrating experience. CoinDesk doesn’t always have the most pleasant experience with members of “Crypto Twitter,” but the platform is where crypto and blockchain communities live. To be cut off from our audience, our life blood, was to have our mission interrupted. 

What’s more, there was an awkward duality to the situation: As any journalist will tell you, media organizations want to report the news; they don’t want to be the news. When that happens, you must put on both hats, managing both the problem at hand and the coverage of it.

The lesson is that news organizations like ours, as important as ever in providing trusted information, are overly dependent on the behemoths of the Web 2.0 era: Facebook, Twitter, Instagram and YouTube.

CoinDesk’s experience of the Twitter hack gives weight to an argument that runs strong in the crypto community, especially among those working on so-called Web 3.0 solutions. That is to say a decentralized model in which users retain control and ownership of their highly valuable data and content in theory would be less vulnerable to these kinds of hacks and give power to those who create the valuable content and communities in these networks. 

There are challenges to achieving this vision – whether users should or want to be responsible for securing their data, for example, and whether it’s possible for a decentralized platform to create sufficient network effects or economies of scale to attract enough users away from the big communities on Twitter, Facebook and Google. 

But events like this are a reminder of why developers need to keep working to overcome those challenges. The world needs a better, fairer, more distributed, less vulnerable information system.



Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.