Twitter blocked tweets from verified accounts after a massive security breach

[Valin]

MIT

Patrick Howell O'Neill

July 15, 2020

What do Joe Biden, Barack Obama, Elon Musk, and Bill Gates have in common?

Dozens of high-profile verified Twitter accounts were hacked on Wednesday, seemingly to push a cryptocurrency scam that may have netted upwards of $100,000 in a matter of minutes. These kinds of scams are old hat on Twitter, but never have so many prominent accounts been taken over at once.

To stem the tide, Twitter appeared to take the unprecedented step of suspending all tweets from verified accounts for about a half hour on Wednesday. They also blocked some password reset attempts. Other restrictions remained in place but largely unexplained through the evening.

Several victims of the hack said they use multi-factor authentication to protect their accounts, but that security feature was of no use. Instead, the sheer volume of hacked accounts suggests a problem with Twitter itself. A company spokesperson said Twitter is “investigating and taking steps” to address the incident. We don’t know yet how it happened or who is behind the attack.

While the hack at first glance seemed to be part of a Bitcoin scam, there could be another motive. Any hacker who can tweet from an account could potentially be able to read private direct messages. 

(Snip)

Takeovers first began late in the afternoon US Eastern Time against primarily cryptocurrency-focused accounts like the trading platforms Coinbase, Gemini, and Binance. The impact spread quickly after that.

[Valin]

July 16 2020