Twitter suffered what's perhaps the biggest cyberattacks in its history on Wednesday, with number of high-profile accounts, including Amazon CEO Jeff Bezos, Elon Musk, Bill Gates, and that of US presidential candidate Joe Biden, compromised to promote a cryptocurrency scam.
While the attackers posted similar worded messages that urge their millions of followers to send money to specific bitcoin wallet address in return for bigger payback, thus: "Everyone is asking me to give back, and now is the time," a tweet from Mr Gates' account said. "You send $1,000, I send you back $2,000."
Twitter on its part has identified the security breach as a "coordinated social engineering attack" that leveraged on its internal tools with employees as target who have access to the system.
What's the goal of the Hacking Campaigns?
The attackers behind the operation amassed nearly $120,000 in bitcoins, though it's not yet clear who were behind the attacks, but the attackers could have had direct access to messages sent to and from the affected accounts.
It appears to have been directed against cryptocurrency-focused accounts initially, such as Ripple, Bitcoin, CoinDesk, Coinbase, Gemini, and Binance, all of whose Twitter accounts were hacked, displaying the same message: "We have partnered with CryptoForHealth and are giving back 5000 BTC to the community," and a link to a phishing site that was later taken down.
Also, the Twitter accounts of Apple, Uber, and Elon Musk were all used to post tweets soliciting for bitcoins with the exact same Bitcoin address as on the CryptoForHealth website.
Measures taken by Twitter to contain the Attacks
Twitter took the immediate step of temporarily halting several of the high-profile verified accounts from tweeting altogether, albeit there have been previous cases of account hijacking on Twitter, but it hasn't happened at such a scale on the social network.
This leads to speculations that the hackers probably gained control into a Twitter administrative employee's access to "take over prominent accounts and tweet on their behalf" without even knowing their passwords or requiring two-factor authentication.
The company, however, promised to take significant steps to limit access to the internal systems and tools while investigation is still ongoing on the cyberattacks.