Ben Halpern

Twitter accounts for Apple, Elon Musk and Bill Gates were hacked

The hack asked for bitcoin donations.

A number of high-profile Twitter accounts were simultaneously hacked on Wednesday by attackers who used the accounts — some with millions of followers — to spread a cryptocurrency scam.

@bitcoin, @ripple, @coindesk, @coinbase and @binance were among the accounts hacked with the same message: “We have partnered with CryptoForHealth and are giving back 5000 BTC to the community,” followed by a link to a website, which we are not linking to.

The scammer’s website was quickly pulled offline. Kristaps Ronka, chief executive of Namesilo, the domain registrar used by the scammers, told TechCrunch that the company suspended the domain “on the first report” it received.

Story on TechCrunch

Discussion (15)

Vaidehi Joshi

I'm going to be curious to see how this unfolds!

As this Verge article describes, Gemini was hacked but they had both strong passwords + 2FA enabled! So, it'll be interesting to see how that account was compromised despite that.

Renato Byrro

If scammers used employees' "internal tools" and were able to impersonate anyone on Twitter, what's more scary to me is how powerful Twitter employees are.

Developers are able to impersonate others... in a production environment ... on Twitter! That sounds like a scary lack of basic security boundaries.

Antony Garand

According to this article by Vice, it was an employee who either got paid or hacked.

This allowed the hackers to intercept the 2FA and password reset token, allowing them to change the password and give themselves access to the accounts.

The latest official developments can be found on the official TwitterSupport account, as long as this one isn't compromised!

Emma Goto 🍙

That's insane! The developers over at Twitter must be panicking, hope they manage to figure out a solution/fix soon 🙏

perpetual . education

Well, it's nice to know there's a reason they employ so many developers over there -

Ben Halpern Author

I'm surprised some of these tweets stayed online as long as they did, especially the ones that came later in the hack.

I assume this was a password breach, but I'm not sure if there's more info yet.

Ahmad Naaloeh • Edited

As I've read, it was a bug in one of their APIs.
I don't think the "hacker" had any access to their actual accounts.

Peter Kim Frank • Edited

I wonder what this hacker will end up making (it should be publicly visible, right?) vs. what they could have taken home with an ethical security disclosure.

Via this source Twitter has paid out $1.3m to date, with $20k as the top bounty payout.

Thomas Step

Here's a thread from Twitter support about what happened: twitter.com/TwitterSupport/status/...

Basti Ortiz

As bad as all of this is, we gotta tip our hats to those scammers. What they did was nothing short of impressive. 🤔

dhanush 

I think this is the only time Apple has tweeted from its official account.

MxL Devs

When I saw the tweet from Elon Musk it just seemed like a perfectly normal thing for him to say on Twitter tbh

spiritbro1

Damn, this is scary. I thought it was legit yesterday coz Elon Musk himself is a fan of bitcoin, then I saw so many other people posted it, so I think something is wrong.

Tanvesh Takawale

This giveaway of BTC popped up in the news recently. What is it exactly? Can someone explain?