Elon Musk and Many Other High Profile Twitter Accounts Hacked, used in Bitcoin Scam making nearly $60,000

Elon Musk Bitcoin Scam

Elon Musk and many other famous faces and companies have seemingly had their Twitter accounts hacked, and used for a scam that has generated almost $60,000 USD in bitcoin.

While BNO has not reported the story formally on their website, they have tweeted that “nearly $60,000 has been paid so far.” All of the tweets masquerading as real companies of people ask users to pay into the same Twitter account. The scam involves the account claiming to repay those who donate to a bitcoin wallet will receive a greater amount in return.

According to The Verge, affected accounts that begun springing up after 4 p.m. ET include Elon Musk, Warren Buffet, Jeff Bezos, Bill Gates, Kanye West, Wiz Khalifa, MrBeast, Joe Biden, Barack Obama, Mike Bloomberg, Apple, Uber, Cash App and other “major” crypto-currency focused accounts.

Elon Musk’s name has been by Bitcoin scams before. Accounts would pass around screenshots of a fake Elon Musk tweet, claiming they offered bitcoin, with other accounts replying in gratitude. These fake screenshots even included fake Niche Gamer tweets in the replies (image via TrustNodes).

According to Mempool (a bitcoin transaction tracking website) the offending account currently has $57,453.18 USD in bitcoin. While there are few legitimate places to spend bitcoin, that has not stopped people creating “bitcoin farms” (allowing computers to be used for blockchain transactions in exchange for some bitcoin), or investing into crypto-currencies.

We will keep you informed as we learn more.

UPDATE: We are hearing claims that a Twitter employee or Twitter itself has been hacked, exploited, or been a victim of someone handing out information required to access Twitter employee access levels. However, some who initially proposed it could be something like this later suggested it may be due to an exploit with a third-party app.

We are currently attempting to verify these claims.

UPDATE 2: Twitter Support has tweeted the following: “We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.”

UPDATE 3:  Twitter are now reportedly blocking the bitcoin address from being posted on their platform [1, 2]. However, this may also be affecting individuals talking about Bitcoin in general, as oppose to sharing the bitcoin address.

Coinbase, a website dedicated to trading crypto-currency, has also reportedly blacklisted the bitcoin address.

UPDATE 4: Will Chamberlin- lawyer, Editor-in-Chief of Human Events, and Senior Counsel at the Internet Accountability Project has tweeted the claim that every blue checkmark account is now locked.” Buzzfeed journalist Brandon Wall has also allegedly verified this.

UPDATE 5: We are hearing unverified claims that non-verified, non-high profile Twitter accounts are also posting the Bitcoin scam. However, many are joking (not posting actual bitcoin wallet codes, or using the phrase “I am giving back to my followers” or “community“), or may only be pretending to have been hacked.

UPDATE 6: Twitter Support has further tweetedYou may be unable to Tweet or reset your password while we review and address this incident.” No distinction was seemingly made between verified and unverified users.

UPDATE 7: Wired reports the scam has now made “well over $100,000.”

UPDATE 8: The Verge Senior Editor Tom Warren has confirmed (by tweeting from his verified Twitter account) that verified users can tweet again.

UPDATE 9: Those posting fake versions of the scam’s message, even as a joke, may be getting locked out of their accounts. This is according to Jeremy Kaplowitz, Editor in Chief of Hard Drive.

UPDATE 10: Scam Alert, a website dedicated to letting users report crypto-currency scams, reports the scammer may has “lifetime earnings” in their Bitcoin wallet of $118,408 USD.

UPDATE 11: Twitter Support has issued the following statement:

“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.

We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.

Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.

We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this.

This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do.

We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.

Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.”

Twitter also stated “Most accounts should be able to Tweet again,” prior to this statement. There have also been claims that the Twitter Support account was hacked to produce the bitcoin scam message, however this appears to have been an edited image.

UPDATE 12: Possibly as a result of the hack, images of the Admin panel for Twitter. We have included additional redaction of email addresses.

Through the use of Forensically (a free online photo forensic tool), we feel the images may be genuine (however the website is still in beta, and increasing certain parameters can result in false-positive results).

In the third screenshot, we see a user has been marked with labels such as “Compromised,” “Trends Blacklist,” “Search Blacklist,” and “ReadOnly”. Twitter has long been “shadow banning” users- preventing their tweets from being seen by others while the user is unaware.

While Twitter admitted to limiting an abusive tweet’s visibility, resulted in Twitter CEO Jack Dorsey having to testify to the US House Energy and Commerce Committee. This was due to allegations of censorship, especially aimed at those with republican beliefs. Twitter’s terms of service (as of January 2020) effectively wrote shadow banning into their terms [123].

On May 28th, 45th President of the United States Donald Trump has signed an executive order on Preventing Online Censorship.” This came after Twitter marked one of his tweets as “deceptive.” President Trump had expressed concern that mail-in ballots “will be anything less than substantially fraudulent.

In summation, the executive order ascertains that social media is the modern “public square.” As such they would lose their protections from being liable for what users post, if they use “their power over a vital means of communication to engage in deceptive or pretextual actions stifling free and open debate by censoring certain viewpoints.”

If the above screenshots are genuine, it would seem that Twitter may be preventing users from seeing genuine search results and trends. Whether this is to prevent the spread of illegal content, or those parameters include anything else, is unknown.

UPDATE 13: Vice reports that some users who have been tweeting images of the panel are being banned (and screenshots being deleted) as it violates their terms of service.

They also report that the hackers gained access via a Twitter “insider.” Citing two anonymous sources who claimed they took over high-profile accounts, one of them stated “We used a rep that literally done all the work for us.” They confirm the hack was conducted by a tool Twitter use. After the accounts were accessed, the email address was changed.

Four sources showed Vice screenshots of the internal tool. Vice did not confirm if this was the admin panel seen in the screenshots above, however other screenshots they show in their article appear identical to it. Vice also describes the tool as a “panel” at several points.

This is Niche Gamer Tech. In this column, we regularly cover tech and things related to the tech industry. Please leave feedback and let us know if there’s tech or a story you want us to cover!


Ryan was a former Niche Gamer contributor.

Where'd our comments go? Subscribe to become a member to get commenting access and true free speech!