.png) A representative scam tweet, from Apple's hacked account | |
| Date | July 15, 2020, 20:00–22:00 UTC |
|---|---|
| Cause | Coordinated social engineering attack |
| Target | High-profile verified Twitter accounts |
| Outcome | At least 130 accounts affected. The bitcoin addresses involved received about US$110,000 in bitcoin transactions. |
| Arrests | 3, as of July 31, 2020[update] |
On July 15, 2020, between 20:00 and 22:00 UTC, 130 high-profile Twitter accounts were reportedly compromised by outside parties to promote a bitcoin scam.[1][2] Twitter and other media sources confirmed that the perpetrators had gained access to Twitter's administrative tools so that they could alter the accounts themselves and post the tweets directly. They appeared to have used social engineering to gain access to the tools via Twitter employees.[3][4][5] Three individuals were arrested by authorities on July 31, 2020, and charged with wire fraud, money laundering, identity theft, and unauthorized computer access related to the scam.[6]
The scam tweets asked individuals to send bitcoin currency to a specific cryptocurrency wallet, promising the Twitter user that money sent would be doubled and returned as a charitable gesture.[7] Within minutes from the initial tweets, more than 320 transactions had already taken place on one of the wallet addresses, and bitcoins to a value of more than US$110,000 had been deposited in one account before the scam messages were removed by Twitter.[1][8] In addition, full message history data from eight non-verified accounts were also acquired.[9]
Dmitri Alperovitch, the co-founder of cybersecurity company CrowdStrike, described the incident as "the worst hack of a major social media platform yet."[2][10] Security researchers expressed concerns that the social engineering used to execute the hack could affect the use of social media in important online discussions, including the lead-up into the 2020 United States presidential election.[11][12] On July 31, 2020, the U.S. Department of Justice announced charges against three individuals in connection with the incident.[13]
- ^ a b Iyengar, Rishi (July 15, 2020). "Twitter accounts of Joe Biden, Barack Obama, Elon Musk, Bill Gates, and others apparently hacked". CNN Business. Archived from the original on July 16, 2020. Retrieved July 15, 2020.
- ^ a b "Musk and Gates 'hacked' in apparent Bitcoin scam". BBC News. July 15, 2020. Archived from the original on July 15, 2020. Retrieved July 15, 2020.
- ^ Cite error: The named reference
vicewas invoked but never defined (see the help page). - ^ Cite error: The named reference
techcrunchwas invoked but never defined (see the help page). - ^ Cite error: The named reference
nytimes july17was invoked but never defined (see the help page). - ^ Cite error: The named reference
theverge arrestwas invoked but never defined (see the help page). - ^ Sheth, Sonam (July 15, 2020). "Former President Barack Obama's Twitter account appears to have been hacked as part of a cryptocurrency scam". Business Insider. Archived from the original on July 16, 2020. Retrieved July 15, 2020.
- ^ Leswing, Kif (July 15, 2020). "Hackers appear to target Twitter accounts of Elon Musk, Bill Gates, others in digital currency scam". CNBC. Archived from the original on July 15, 2020. Retrieved July 15, 2020.
- ^ Cite error: The named reference
theverge July17was invoked but never defined (see the help page). - ^ "Twitter accounts of Elon Musk, Barack Obama, Bill Gates and more hacked in bitcoin scam". SBS World News. July 15, 2020. Archived from the original on July 16, 2020. Retrieved July 16, 2020.
- ^ Guynn, Jessica (July 16, 2020). "'Tweet-tastrophe'? It could have been. Twitter hack reveals national security threat ahead of election". USA Today. Archived from the original on July 16, 2020. Retrieved July 16, 2020.
- ^ Cite error: The named reference
nyt-twitter-bitcoinwas invoked but never defined (see the help page). - ^ Cite error: The named reference
DOJwas invoked but never defined (see the help page).