Twitter accounts belonging to Democratic presidential candidate Joe Biden, former US president Barack Obama, reality star Kim Kardashian West and her husband Kanye West, and Tesla CEO Elon Musk were hacked on Wednesday to promote a bitcoin scam.
A Twitter spokesperson told ALTAFX News that the issue was “being looked into.” Tweets promoting the scam appeared across various verified accounts on Wednesday afternoon. According to crypto currency publication Coin Desk, which also had its account hacked, some of the affected accounts had two-factor security enabled.
More than five hours after this tweet, Twitter said that that the company had detected a “coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools” in a tweet from its support account.
“We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” the company said in another tweet.
While previous cryptocurrency scams have tended to mimic verified Twitter users by creating accounts with similar handles, avatars, and cover photos, Wednesday’s scam was different in that the unknown hacker gained access to real accounts to proliferate their scam.
The initial scam tweet promoting the fake giveaway from Musk’s account, which has nearly 37 million followers, went up at 1:17 p.m. PT.
While Musk’s first tweet was removed, at least three others went up from his verified account promoting the same bitcoin wallet. Similar tweets were posted by the verified accounts for Obama, Microsoft cofounder Bill Gates, Apple, and Uber.
Hacked accounts pinned the tweets promoting the giveaway scam to the top of their profiles or retweeted the posts. Other accounts that were hit included rappers Wiz Khalifa and the late XXX Tentacion; boxer Floyd May weather; and billionaires Jeff Bezos, Michael Bloomberg, and Warren Buffett.
The website associated with the scam was created this morning at 10:36 a.m. PT. The site went down before Musk tweeted the address, but its layout was reminiscent of previous scams: It featured the same bitcoin wallet address as the one shared in the Musk tweet and an image claiming transactions were being sent to it.
A Twitter spokesperson told BuzzFeed News that the issue was “being looked into.” Tweets promoting the scam appeared across various verified accounts on Wednesday afternoon. According to crypto currency publication Coin Desk, which also had its account hacked, some of the affected accounts had two-factor security enabled.