Social media platform Twitter on Wednesday went through probably the biggest hack it has ever encountered. The attack involved compromising accounts of well-known personalities and exploiting their accounts for a chain of Bitcoin scams.
The compromised accounts include the ones of former US President Barack Obama, Joe Biden, Michael Bloomberg, Elon Musk, Bill Gates, Kanye West, Kim Kardashian West, Jeff Bezos, Uber, and Apple.
“Feeling grateful doubling all payments sent to my BTC address! You send $1,000, I send back $2,000! Only doing this for the next 30 minutes,” reads the now-deleted scam tweet.
Right when Twitter became aware of the situation, the company removed all the scam tweets. It also limited the ability to tweet, reset password, and other account key functionalities.
In addition, as part of its mitigation efforts, the company limited the functionalities of verified accounts. These accounts included even those who had no evidence of being compromised.
“Tough day for us at Twitter. We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened,” wrote Twitter CEO Jack Dorsey in a tweet.
As reported by Motherboard, the hackers used an internal administration tool to pull off the attacks. As per the publication’s sources, at least some of the accounts got taken over by changing the associated email address.
In its investigation, Twitter found the attack to be an inside job. According to Twitter, this is apparently a “coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
Twitter says it has currently locked accounts that got compromised. The company added it will restore access to the original account owner when it is confident enough to do so in a secure manner.