SAN FRANCISCO (AFP) – Twitter is probing a massive hack of high-profile users from Elon Musk to Joe Biden that has raised questions about the platform’s security as it serves as a megaphone for politicians ahead of November’s election.
Posts trying to dupe people into sending hackers the virtual currency Bitcoin were tweeted by the official accounts of Apple, Uber, Kanye West, Bill Gates, Barack Obama and many others on Wednesday.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter said.
The fraudulent posts, which were largely deleted, said people had 30 minutes to send US$1,000 (S$1,392) in the cryptocurrency, promising they would receive twice as much in return.
A total of 12.58 bitcoins – worth almost US$116,000 – were sent to e-mail addresses mentioned in the tweets, according to Blockchain.com, which monitors crypto transactions.
“We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident,” said the FBI’s San Francisco division, which was investigating.
The account of President Donald Trump, which has 83.5 million followers, was not targeted.
“The president will remain on Twitter,” White House press secretary Kayleigh McEnany said. “His account was secure and not jeopardised during these attacks.”
With the presidential election just over three months away, the influence that social media platforms have on politics has become a hotly debated issue.
Just hours before Wednesday’s hack, the House of Representatives Committee on Oversight and Reform called for the appointment of a national cybersecurity czar.
In a sign of their growing role in public life, social media have become essential tools, especially in times of crisis.
“For US decision-makers, Twitter presents a bit of a paradox,” said Heather Williams and Alexi Drew, who just published a book on Twitter’s place in diplomacy for the Centre for Science and Security Studies at King’s College in London.
“Tweets from government officials may help shape the American public narrative and provide greater insights into US decision-making to reduce misperception by foreign actors,” they wrote.
“On the other hand, tweets may increase misperception and sow confusion during crises, creating escalation incentives for an adversary,” Williams and Drew wrote.
Twitter locked down affected accounts and removed the fraudulent tweets. It also locked accounts not affected by the hack as a precaution.
As of Thursday afternoon, the company was “working to help people regain access to their accounts ASAP if they were proactively locked…. taking extra steps to confirm that we’re granting access to the rightful owner.”
Trump escaped being hacked this time, although in November 2017 his account was deactivated for 11 minutes by a Twitter employee on their last day on the job.
“It’s because the president’s account had already been deleted by a Twitter contractor several years ago and it looks as if they have put a bunch of protections around that account,” the former head of security at Facebook, Alex Stamos, said on CNBC.
Vice reported that a Twitter insider was responsible for Wednesday’s hack, citing leaked screenshots and two anonymous sources apparently behind the hack, one of whom told the media outlet they had paid the employee.
US Senator Josh Hawley tweeted a letter to Twitter chief executive Jack Dorsey expressing concern over privacy for the San Francisco-based company’s millions of users.
“I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself,” he said.
The tweet that appeared on Tesla founder Musk’s Twitter feed said: “Happy Wednesday! I am giving back Bitcoin to all of my followers. I am doubling all payments sent to the Bitcoin address below. You send 0.1 BTC, I send 0.2 BTC back!”
It added that the offer was “only going on for 30 minutes.” The fake messages that appeared on other famous accounts made similar promises.