This article is more than 1 year old

Twitter mass hacking: Bill Gates, Elon Musk, Jeff Bezos, Mike Bloomberg, Biden, Obama, more hijacked to peddle Bitcoin scam

Miscreants have already obtained more than $110K from the credulous

Updated The Twitter accounts of Microsoft co-founder Bill Gates, Tesla CEO Elon Musk, and other celebrities were briefly taken over on Wednesday, along with the accounts of various cryptocurrency businesses and affiliated executives, to promote a Bitcoin scam.

Fellow twits were told by the A-list stars to transfer BTC to the celebs, who would then transfer back double the amount.

Here's what Twitter had to say about the shenanigans:

The accounts of Apple, Uber, Amazon CEO Jeff Bezos, celebrity Kanye West, billionaire Michael Bloomberg, former President Barack Obama, former Vice President Joe Biden, and others were among those violated by an unidentified hacker or hackers. "Everyone is asking me to give back, and now is the time," read a message posted to Gates's Twitter account. "I am doubling all payments sent to my BTC address for the next 30 minutes. You send $1,000, I send you back $2,000."

Here's what Elon Musk's hijacked Twitter feed looked like:

Elon Musk's Twitter hacked

Scam ... The message posted on Musk's account. Click to enlarge

The tweets, since removed, included a BTC address for those who somehow believed they might be able to double their money by sending it to the listed BTC address and hoping for the best. The address in question has received over $110,000 worth of BTC and had a balance close to that on Wednesday afternoon, Pacific Time.

Similar Bitcoin solicitations appeared on the accounts of Binance, Coinbase, Gemini, Kucoin, Coindesk, Litecoin's Charlie Lee, Tron's Justin Sunand, and others. Twitter also silenced verified blue-tick accounts temporarily to prevent more abuse while it got to the bottom of the kerfuffle.

It is unclear how the accounts were hijacked, though it was noticed that at least some of the commandeered profiles had their registered email addresses changed, suggesting someone was able to go through high-profile accounts, change the email addresses and potentially disable multi-factor authentication, reset the passwords, and get in to tweet the Bitcoin-harvesting scam:

It is feared miscreants, one way or another, gained control of some kind of internal control panel at Twitter, such as a support system, and used it to change account details to take profiles on a joyride.

Twitter said in an email to The Register that it is looking into the situation and plans to issue a statement when it knows more. Meanwhile, US Senator Josh Hawley (R-MO) has demanded a full explanation from Twitter CEO Jack Dorsey. ®

Updated to add

Leaked yet unconfirmed screenshots are now circulating among infosec bods of an internal Twitter account control panel that may have been abused, by a rogue insider or outside miscreant, to change the registered email address of profiles so that they could be hijacked. Twitter is said to be removing these screenshots from its social network, and suspending accounts that share them, for violating its terms of use.

One example screenshot is below:

Final update

Twitter said tonight miscreants gained access to its internal control panels by social-engineering staff, leading to the account takeovers. An investigation is ongoing.

"We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools," the social network said. "Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers."

More about


Send us news

Other stories you might like