Skip to main content

Massive Twitter hack hits Barack Obama, Elon Musk and more as verified accounts frozen

(Image credit: DAVID MCNEW/AFP via Getty Images)

Are you rich and famous? Do greedy young men admire you? 

Then you might not have been able to tweet for about two and a half hours today (July 15), because Twitter temporarily disabled the ability of all verified accounts to post anything. 

The security measure was taken because earlier today, Twitter accounts belonging to dozens of high-profile individuals and companies were hijacked to lure gullible followers into Bitcoin scams.

The hijacked accounts apparently included those of Bill Gates, Jeff Bezos, Elon Musk, Kanye West, Joe Biden, Floyd Mayweather, Mike Bloomberg, Barack Obama, Warren Buffett, XXXTentacion, Israeli Prime Minister Benjamin Netanyahu, Wiz Khalifa, Apple and Uber.

Shortly after 6 p.m. Eastern time, Twitter temporary disabled the ability of verified accounts -- those with a blue check mark -- from sending out any new tweets. The verified accounts regained tweet-power about 8:35 p.m. Eastern.

"You may be unable to Tweet or reset your password while we review and address this incident," the Twitter Support account said.

Even our own Philip Michaels, whose status as a Very Important Californian entitles him to a Twitter verification check mark, found himself unable to communicate with the outside world en masse. He could still send direct messages or retweet other people's tweets.

The message Philip Michaels got when he tried to tweet.

(Image credit: Twitter screenshot by Tom's Guide)

Twitter's drastic move might have been because the hijacked accounts kept spreading a few hours after they began, with West's wife Kim Kardashian West falling victim just after 6 p.m. Eastern.

A scam tweet posted on Kim Kardashian's Twitter account.

(Image credit: Twitter screenshot by Tom's Guide)

Interestingly, the Bitcoin address posted on Kardashian's tweet was different from the address on most of the other tweets.

"We are giving back to our community," read the message posted earlier on the Apple account. "We support Bitcoin and we believe you should too! All Bitcoin sent to our address below will be sent back to you doubled!"

The tweet then posted a Bitcoin address, followed by the words, "Only going on for the next 30 minutes."

A scam tweet posted on Apple's Twitter account.

(Image credit: Twitter screenshot by Tom's Guide)

Messages posted on other accounts varied, but all included the same Bitcoin address, which had received nearly 13 bitcoin as of this writing, or about $119,000 in U.S. dollars -- all of it today. (It had also sent out more than 7 bitcoin.)

"I have decided to give back to my community," the Bezos tweet said before it, like the others, was taken down. "All Bitcoin send to my address below will be doubled. I am only doing a maximum of $50,000,000."

A scam tweet posted on Jeff Bezos' Twitter account.

(Image credit: Twitter screenshot by Tom's Guide)

This isn't the first time Elon Musk's name has been used in a Bitcoin scam. Last month, a security firm found that scammers had been creating custom Bitcoin addresses that incorporated Musk's name.

The cryptocurrency news site CoinDesk reported that the account hijackings began with about a dozen cryptocurrency-related accounts all tweeting out the same thing: "We have partnered with CryptoForHealth and are giving back 5000 BTC to the community. See more here: cryptoforhealth.com". 

There is no website at that address. About an hour later, the hijacking of high-profile individuals and companies began with the messages you've seen above.

It's not clear how the scammers got into so many high-profile Twitter accounts at once. It's unlikely that each could have been individually compromised, although accounts of public figures are often shared among several staffers on the account holder's payroll. 

As the Verge put it, these incidents suggest "that someone has either found a severe security loophole in Twitter's login process or has gained access to a Twitter employee's admin privileges."

The latter scenario got support from numerous Twitter users who claimed to have seen login credentials to a Twitter administrative interface bouncing around hacker forums earlier today, although Tom's Guide couldn't verify any of those claims.

However this widespread attack was pulled off, the perpetrators seemed to have completely undermined Twitter's own security. We'll have more on this situation when we know more.

A scam tweet posted on Barack Obama's Twitter account.

(Image credit: Twitter screenshot by Tom's Guide)

Twitter itself put out a terse statement that it was "aware of a security incident impacting accounts on Twitter."

"We are investigating and taking steps to fix it," it added. "We will update everyone shortly."

Tyler Winklevoss, one-half of the Winklevoss twins whose accidental involvement in the founding of Facebook was made famous by the movie "The Social Network," tweeted out that the Twitter account of his and his brother's Gemini cryptocurrent exchange had been hacked, as had that of several other cryptocurrency services.

More worryingly, Winklevoss said "we have 2FA enabled for @Gemini. We are currently investigating root cause. Please stay tuned."

Two-factor authentication, or 2FA, is a meant to ensure that an attacker can't hijack an account even if the attacker gets the password.

We would normally urge you to set up 2FA on your Twitter account to prevent your account getting hijacked, but that doesn't seem to make any difference in this case. All you can do is take comfort in the fact that you're (probably) not famous.