The Twitter accounts of major companies and individuals have been compromised in one of the most widespread and confounding hacks the platform has ever seen, all in service of promoting a bitcoin scam that appears to be earning its creator quite a bit of money.
We don’t know how it happened or even to what extent Twitter’s own systems may have been compromised. Twitter acknowledged the situation after more than an hour of silence, writing on its support account, “We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.”
The company also took the unprecedented measure of preventing verified accounts from even tweeting at all starting some time around 6PM ET. This would seem to be the first time Twitter has ever done this in the company’s history.
The chaos began when Elon Musk’s Twitter account was seemingly compromised by a hacker intent on using it to run a bitcoin scam. Microsoft co-founder Bill Gates’ account was also seemingly accessed by the same scammer, who posted a similar message with an identical bitcoin wallet address. Both accounts continued to post new tweets promoting the scam almost as fast as they were deleted, and Musk’s account in particular appears to still be under the control of the hacker as of 5:56PM ET.
A spokesperson for Gates tells Recode’s Teddy Schleifer, “We can confirm that this tweet was not sent by Bill Gates. This appears to be part of a larger issue that Twitter is facing. Twitter is aware and working to restore the account.”
Shortly after the initial wave of tweets from Gates and Musk’s accounts, the accounts of Apple, Uber, former President Barack Obama, Amazon CEO Jeff Bezos, Democratic presidential candidate Joe Biden, hip-hop mogul Kanye West, and former New York City mayor and billionaire Mike Bloomberg, among others, were also compromised and began promoting the scam.
It’s unclear how widespread the operation is, but it appears to be affecting numerous major companies and extremely high-profile individuals. That suggests someone, or a group, has either found a severe security loophole in Twitter’s login process or third-party app or that the perpetrator has somehow gained access to a Twitter employee’s admin privileges.