Twitter Says 'Coordinated Social Engineering' Attack Caused Bitcoin Scam

Twitter says "a coordinated social engineering attack" against an employee caused Wednesday's massive takeover.

AccessTimeIconJul 16, 2020 at 3:45 a.m. UTC
Updated Sep 14, 2021 at 9:31 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Twitter claims "a coordinated social engineering attack" caused one of the world's largest social media platforms to melt down on Wednesday after prominent celebrity profiles were used to promote a large-scale bitcoin scam.

  • A mass takeover of big-name celebrities including former Vice President Joe Biden, former U.S. President Barack Obama, Kanye West and Elon Musk saw their accounts compromised, starting at 19:00 UTC.
  • Twitter said in a series of tweets that hackers targeted "some of" its employees who had access to internal tools, which they used "to take control of many highly visible (including verified) accounts and [t]weet on their behalf."
  • The social media platform is looking into what else was impacted, while restoring accounts to their users.
  • Motherboard, VICE Magazine's tech section, said it spoke to two sources who took over accounts, who claimed they paid a Twitter insider to manage the takeovers.
  • Twitter being "highly centralized" led to the hack, said Ben Sigman, CTO at blockchain startup Make Sense Labs.
  • Twitter employees have "godmode" access to create tweets from any user, Sigman claimed.
  • It's worth noting all addresses are Bech32/Segwit addresses, which helps narrow down the wallet and service being used.
coindesk-twitter-hack-2560x854-03a

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.