Yesterday, the official Twitter handle of several verified accounts and large groups were compromised. The attack apparently started with the accounts of the world’s leading crypto exchange, Binance. Other giant crypto exchanges and custodians which had their fair share included Kucoin, Coinbase, Bitfinex, and Gemini.
These accounts were hacked to promote a giveaway scam which reads:
“We have partnered with CryptoForHealth and are giving back 5,000 BTC to the community.”
Prominent leaders in the crypto industry such as Binance CEO Changpeng Zhao, Tron CEO Justin Sun, BitMEX CEO Arthur Hayes, and Litecoin creator Charlie Lee were also victims. Other public figures, who are not even crypto enthusiasts, were not left out. Some of them included former U.S. President Barack Obama, Joe Biden, Elon Musk, Bill Gates, Jeff Bezos, and Wiz Khalifa,
In a series of tweets, the Twitter support team noted that investigations are underway concerning the issue. According to the team, they have so far detected what they believe to be a coordinated social engineering attack by hackers who successfully targeted some of Twitter’s employees with access to internal systems and tools.
The team claim they are aware these bad actors used this access to take control of many highly visible accounts and tweeted on their behalf. The team added that, they are currently looking into what other malicious activity these hackers may have conducted or information they may have accessed.
As measures to control the situation, the team said it immediately locked down the affected accounts and removed tweets posted by the hackers. Furthermore, functionality for a much larger group of accounts, including those with no evidence of attack, was also limited. Moreover, the team said it has taken significant steps to limit access to internal systems and tools while investigation is still underway.
The team claim most functionality has currently been restored. However, accounts that were compromised are still locked, and access to the original account owners will be restored once the team are certain it is safe to do so.