Twitter’s Bitcoin Scam Explained

  • Reportedly, the hackers paid a Twitter insider to help them manage the takeover of accounts.
  • The social media platform has since taken “significant” steps to limit access to its internal systems.

The Twitter accounts of multiple prominent celebrities were hijacked and used to promote a large-scale bitcoin scam this Wednesday, in what could be the largest ever hack on the social media giant.

Starting around 19:00 UTC yesterday, a number of big-name celebrities, such as former U.S. President Barack Obama, Vice President Joe Biden, Kanye West, Elon Musk and others, had their accounts taken over by an attacker. The bad actor then used the accounts to post tweets promoting a fake Bitcoin giveaway associated with an organization called “Crypto For Health”. Similar tweets later emerged from the accounts of Gemini, Coinbase, KuCoin, Justin Sun, Charlie Lee, and other individuals and companies. Around 19:15 UTC, Coinbase’s account tweeted:

“We have partnered with CryptoForHealth and are giving back 5,000 BTC to the community.”

Twitter later confirmed that a hacker was responsible for the massive breach and had used a “coordinated social engineering attack” to gain access to internal systems and tools. The platform has since taken “significant” steps to limit access to its internal systems, and has started an investigation into what other activities the attacker may have conducted and what information they had access to.

The firm tweeted:

“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”

Earlier today, Vice’s Motherboard reported that it had spoken with two sources who took part in the hack. According to the information they provided, the attackers had paid an insider at Twitter to help them gain access to the accounts. Vice also reported that Twitter had started taking down screenshots of admin panels, which revealed that admins had access to details such as the number of strikes logged against an account, when it was last accessed, the phone numbers tied to it, and the email addresses used to verify it.
