The FBI is investigating the worst security breach in Twitter’s 14-year history, as hackers commandeered more than 100 high-profile accounts, The Wall Street Journal reported.
Security investigators discovered cybercriminals committed alleged cryptocurrency fraud Wednesday (July 15) after hackers seized control of the Twitter accounts of political figures, executives and celebrities. Among the targets included presumed Democratic presidential nominee Joe Biden, reality star Kim Kardashian, former President Barack Obama, Microsoft’s Bill Gates, entrepreneur Elon Musk and investor Warren Buffett.
The attackers posted tweets that appeared to promote a cryptocurrency scam and posted similar tweets on celebrity accounts soliciting donations via bitcoin to their verified profiles, The Journal reported.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter’s support team posted late Wednesday.
Blockchain records show the scammers received more than $100,000 worth of cryptocurrency, Reuters reported.
Twitter declined to reveal specifics about the hack. But security experts told The Journal the breach may have occurred on the company’s internal account-reset systems. The platform is used to assist Twitter account holders regain access to their feed after forgetting a password or losing their phones.
“We’re still in the process of assessing longer-term steps that we may take and will share more details as soon as we can,” Twitter added in its statement.
The invasion, which lasted for hours, was detected by security experts amid concerns that the vulnerability of the company’s systems could pose broader risks to international security, The Journal reported.
“We’re just now getting to an understanding of how critical [social-media platforms] are to how our nation operates,” Neil Jenkins, chief analytic officer at Cyber Threat Alliance, a nonprofit whose mission is to improve sharing of cyber-threat data, told the newspaper.
Jenkins, who was on the team to fight Russian interference in the 2016 election, told The Journal that this most recent attack showed federal agencies are limited when it comes to protecting private companies from such intrusions.
Reuters reported the FBI’s San Francisco unit is leading the inquiry into the hacking. The social media’s headquarters is based in San Francisco.
On Thursday (July 16), PYMNTS reported the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) notified financial institutions of the scam that promised to double bitcoin donations and return them to the senders if people clicked a malicious link.
FinCEN said financial institutions (FIs) should be on the lookout for suspicious activity, including high volumes of payments deposited in accounts over short periods of time from previously unaffiliated accounts or multiple originating convertible virtual currency addresses.