Twitter’s shares slid more than 4% after a large-scale scam promoting bitcoin hacked major US businessmen, politicians and technology companies.
Amazon CEO Jeff Bezos, Tesla co-founder Elon Musk, Microsoft co-founder Bill Gates, and former New York City mayor Michael Bloomberg all saw their accounts compromised.
Former US president Barack Obama and former US vice president Joe Biden, as well as US rapper Kanye West and Kim Kardashian, were also hacked, alongside Big Tech firms Apple and Uber, and fintech Square.
What was the hack?
These Twitter account holders, which have tens of millions of subscribers, were simultaneously hacked with similar messages.
Musk was one of the first to get hacked, issuing a tweet at 16:17 ET reading: “I‘m feeling generous because of COVID-19. I’ll double any BTC [bitcoin] payment sent to my BTC address for the next hour. Good luck, and stay safe out there!”
The tweet also contained a bitcoin address which is thought to be associated with the hacker’s crypto wallet.
It was later deleted and replaced with a second tweet: “Feeling grateful doubling all payments sent to my BTC address! You send $1,000, I send back $2,000! Only doing this for the next 30 minutes.”
Almost every post on other users’ Twitter accounts – which echoed this second post – featured the same bitcoin wallet address.
Response
Following the emergence of the hack, Twitter said its internal employee tools had been compromised.
There was speculation that Twitter workers had perpetrated the attack. But Twitter has confirmed that it was an external “coordinated social engineering attack” targeting its employees.
Internally, Twitter says it has “taken significant steps to limit access to internal systems”. This is whilst its investigation into the hack continues.
In response the social media giant prevented verified accounts from tweeting. This lasted from sometime around 18:00 ET until 20:41 ET, when Twitter said “most” verified accounts could tweet again.
Those accounts compromised due to the hack were locked indefinitely by Twitter. It added that it would restore access to original account owners when it could be sure the accounts were secured.
Twitter shares plunge
On Wednesday, the post-market trading session on the New York Stock Exchange saw Twitter shares take a plunge of more than 4%.
The dip shaved a billion dollars off Twitter’s market capitalisation in just over an hour.
“A single tweet from an influential account can cause the shares of almost any company to collapse,” says Dmitry Volkov, chief technology officer at CEX.IO, on the hack.
On 1 May, Musk tweeted that Tesla’s stock price was “too high”. That message sent his firm’s shares into a free fall. In just over 30 minutes it had experienced a drop of nearly 12%.
A hack of the size seen on Twitter on Wednesday is unprecedented. “To put it into context, for more than two hours fraudulent tweets were being issued from high-profile, verified accounts on a platform with over 152 million daily users,” says Nicolai Baldin, CEO and founder of artificial intelligence (AI) firm, Synthesized.
“Data breaches of this size, in our digital era, now affect every facet of a business, from customer confidence to profits to share price. The ability to keep data safe and secure is now a critical barometer of the health of a business.”
What’s happened to the money?
Some Twitter users did fall for the scam. According to public blockchain records published by The Verge, the scammer had amassed nearly $120,000.
But the account owner was sending money back out of the cryptocurrency wallet, as the daily final balance fluctuated up and down throughout the afternoon.
Comments