High-profile Twitter accounts were hacked simultaneously on Wednesday afternoon by attackers who used the accounts to share a scam involving Bitcoin.
This afternoon, a number of large Twitter accounts—including @binance, @bitcoin, @coinbase, @coindesk, and @ripple began spreading a message through their official Twitter accounts: “We have partnered with CryptoForHealth and are giving back 5000 BTC to the community,” followed by a link to a website that won’t be listed here.
According to a report in TechCrunch, Kristaps Ronka, chief executive of Namesilo, the domain registrar used by the scammers, said that the domain was suspended “on the first report” it received.
At 2:45pm PDT, Twitter addressed the situation in a tweet:
Although many of the tweets were deleted upon the owners regaining control, other accounts began to post the same message, including @apple, @billgates, and @jeffbezos.
It’s not known who the hackers are or how the attack took place, but emerging information shows that the hackers fully took over the accounts, even changing the associated email addresses to make it more difficult for account owners to regain access.
As of 2:10pm PDT, Twitter user @taslimokunola showed that the Bitcoin address associated with these posts had already received over $100k worth of Bitcoin (BTC), and switched the wallet address when the incoming BTC slowed down.
New hacked accounts continue to spring up, making this one of the most widespread and large-scale attacks the platform has ever seen. In addition to the accounts listed above, a other confirmed accounts include: Joe Biden, Cash App, Warren Buffet, Kim Kardashian, Wiz Khalifa, Floyd Mayweather, MrBeast, Alexandria Ocasio-Cortez, TheTweetOfGod, Uber, and XXXTentacion.
Twitter’s stock dropped as much as 4% in after-hours trading following the hack.
Update 3:18pm PDT: Twitter has stated that users may be unable to send tweets or reset passwords while the company addresses the incident.
Many Twitter users, this author included, are finding themselves among the accounts that are not able to post.
Some, including Oliver Hough and Kevin Beaumont, believe that Twitter has disabled all tweets from verified accounts.
(This story is developing, updates to follow)