Over a dozen high-profile Twitter accounts, including Apple, Amazon CEO Jeff Bezos, Microsoft founder Bill Gates, Democratic presidential candidate Joe Biden, and former president Barack Obama, were apparently hacked on Wednesday and posted tweets telling followers to send bitcoin to a specific address.
Tesla CEO Elon Musk was first high-profile account to be hacked, posting a tweet early Wednesday afternoon promising to double any payments sent to the bitcoin address.
Twitter’s stock is down 4% after hours. “We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly,” the company said in a tweet.
All hacked accounts on Wednesday were verified. Around 3:15 PT, Twitter appears to have blocked all verified accounts from tweeting in an attempt to regain control.
One wallet linked to in the tweets had apparently received over 12 bitcoin, worth over $110,000 at the current exchange rate, according to Blockchain.com.
The Musk tweet was deleted minutes after it was sent, before a second tweet asking for bitcoin was posted from the same account and deleted again. In total, Musk’s account sent three bitcoin tweets from a Twitter web account and one reply to Bill Gates. The bitcoin-related tweet was Apple’s first ever tweet, although the account had placed ads in the past.
Other accounts hacked included former New York City mayor Mike Bloomberg, musicians Kanye West and Wiz Khalifa, Berkshire Hathaway chairman Warren Buffett, reality TV star Kim Kardashian, and Uber’s corporate account.
Rachel Tobac, the CEO of cybersecurity firm SocialProof Security, told NBC News that the attack was likely the largest Twitter had ever seen.”I’m surprised twitter hasn’t gone completely dark to prevent misinformation campaigns and political upheaval,” she said. “We are lucky the attackers are going after bitcoin (money motivated) and not motivated by chaos and destruction.”
Kelley Robinson, a security advocate for Authy, a company that provides two-factor authentication, told NBC News that the scale of the attack indicated the hackers had gotten administrative access at Twitter itself.
“It’s really unlikely that Bezos, Musk, and especially Biden all had credentials compromised,” she said over Twitter Direct Message.
Earlier on Wednesday, several cryptocurrency accounts simultaneously linked to a phishing site called CryptoForHealth. Cameron Winklevoss, cofounder of Gemini, a cryptocurrency market, said in a tweet: “ALL MAJOR CRYPTO TWITTER ACCOUNTS HAVE BEEN COMPROMISED.”
In the past, one popular cryptocurrency scam on Twitter involved attackers changing their display name and avatar to match Elon Musk, then they would reply to his tweets pretending to be him asking for bitcoin. But on Wednesday, the accounts tweeting about bitcoin were real. The tweets on Wednesday were sent through a web browser accessing Twitter.com, not an app or third-party software.
Here’s a sampling of the tweets. Many have been deleted.
Apple’s Twitter account was hacked.
Jeff Bezos’ Twitter account was hacked.
Mike Bloomberg’s Twitter account was hacked.
Barack Obama’s Twitter account was hacked.
NBC News reporter Kevin Collier contributed to this report.
Clarification: The Wendy’s tweet, while similar to the false tweets, was not identical and appears to have been a joke issued by the account itself.
This is breaking news. Please check back for updates.