Twitter accounts belonging to high-profile politicians, business people, companies and celebrities, including Elon Musk and Apple, were hijacked yesterday evening to promote a cryptocurrency scam.
The cryptocurrency scam displayed on Elon Musk’s Twitter account
On Wednesday, scammers were able to hijack verified high-profile Twitter accounts in order to promote cryptocurrency scams that promise free Bitcoins. Among the hijacked accounts were those belonging to Bill Gates, Elon Musk, Jeff Bezos, Barack Obama, Kim Kardashian, Apple, CoinDesk and many more. Hijacked Twitter accounts displayed a fairly typical cryptocurrency scam that invites users to participate in a Bitcoin giveaway.
Supposedly, companies like Apple, politicians such as Barack Obama and Joe Biden, and celebrities like Kim Kardashian are feeling generous and are offering to double all payments sent to their BTC address. “You send $1,000, I send you back $2,000,” the scam claims. Users were given 30 minutes to transfer money to the provided wallets if they wanted to get double the amount. The time limit pressured users into making immediate decisions, as they believed they did not have time to check whether the offer was legitimate.
The cryptocurrency scam displayed on Barack Obama’s Twitter account
Bitcoin giveaway scams are nothing new. They’re pretty common, in fact, particularly on Twitter and recently on YouTube. They trick users into sending various amounts of cryptocurrency to scammers’ accounts in the hope of later receiving double the amount, only to get nothing in the end. What’s noteworthy about this scam is that the messages were posted from legitimate accounts. Cryptocurrency giveaway scams are usually promoted via fake accounts that are made to look like they belong to people like Elon Musk, or companies like CoinDesk. Elon Musk’s name in particular is often used to scam people. We reported on this last month, when scammers started actively using the attention Elon Musk’s SpaceX received for successfully launching a crewed Dragon spacecraft to scam people.
The fact that tens of verified Twitter accounts were hijacked at the same time to promote the same scam means this was not simply a case of individual accounts being protected by weak passwords and therefore being easy to hack. Twitter released a statement soon after the incident, explaining what likely happened. According to Twitter, in what the social media giant called “a coordinated social engineering attack”, attackers targeted Twitter employees who have access to the internal systems and tools. From there, the attackers were able to take over certain accounts for a brief period of time.
Part of Twitter’s statement about the hijack
“We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” Twitter said in one of its tweets about the incident.
As soon as Twitter noticed what was happening, they locked down the hijacked accounts and removed the tweets promoting the crypto scams. For a period of time, all verified accounts were restricted and only had limited functionality while Twitter was investigating.
While the scam was not up for long, 375 transactions were made to the bitcoin address by the time the posts were taken down, earning scammers nearly 12 Bitcoins, which equals $120,000 at the time of writing.