A number of high-profile Twitter accounts were simultaneously hacked on Wednesday by hackers seeking to spread a cryptocurrency scam, according to a report by the online tech publisher TechCrunch.
The accounts, some of which have millions of active followers, were apparently hacked in order to spread a tweet seeking bitcoin donations by referring the user to a fake website controlled by the hackers.
The tweet on the hacked accounts directed users to send bitcoin to a certain address under the assurance that the hacked user will double any payment — a rather popular scam technique.
Kristaps Ronka, chief executive of Namesilo, the domain registrar used by the scammers, told TechCrunch that the company suspended the domain “on the first report” it received, thus limiting the scope of affected people.
It’s not yet known how the hackers took control of so many accounts. Security researchers, however, found that the attackers were able to fully control the victims' accounts, changing the email address associated with the account to make it harder for the real user to regain access.
The accounts that were hacked were diverse in nature, ranging from accounts of prominent political figures to those of influencers and billionaires. A few of the notable accounts that were hacked and used to spread the scam are those of former president Barack Obama, former vice president Joe Biden, billionaires Bill Gates and Elon Musk, Amazon co-founder Jeff Bezos and Apple's official Twitter account.
While some of the accounts were quickly back under their owners’ control and the scammers' tweets were quickly deleted in order to avoid spreading the scam even more, others were hijacked for a longer period of time.
These kinds of scams are not uncommon, as they are relatively simple and can generate a lot of money off unsuspecting victims. High-profile Twitter accounts are usually breached using leaked passwords. Scammers then post messages that encourage users to send their cryptocurrency funds to a particular address under the guise that they’ll double their investment.
Although it is a flat-out lie, the scam apparently works. At the time of writing, the address used on the scam site had already collected 2.8 bitcoin (some $25,700), and it’s going up by the minute.