Skip to Content
© Mohamed Ahmed Soliman | Dreamstime.com
Security & privacy

How hackers took over Twitter – and the lesson we can learn from it

At Komando.com, helping our readers stay protected from hackers and scams is one of our biggest priorities. These cybercrimes have already done billions of dollars in damage over the past few years, and in recent months, they’ve only increased in frequency.

Fortunately, protecting yourself is fairly easy. If you avoid opening suspicious emails, texts, and download links, hackers won’t have a chance to hijack your accounts or sell them on the Dark Web. Tap or click here to see how much all your personal data can sell for on hacker forums.

Despite how easy it is to stay safe, it appears that Twitter employees should be reading Komando.com. Twitter accounts belonging to industry titans like Bill Gates and Jeff Bezos were hijacked by cryptocurrency scammers in front of millions of awestruck users. And now, we’re finally getting to the bottom of how one of the greatest internet heists ever was pulled off.

Tech titans trampled on Twitter

Bill Gates shocked his more than 50 million Twitter followers when he suddenly posted mysterious thoughts on Bitcoin, and how eager he was to spread his substantial wealth around.

Sounds like a heck of a deal, right? Well, “coincidentally,” a few other major tech industry figures had a similar idea about Bitcoin, and why it might be fun to double Twiter users’ donations.

What is going on here? Is there a coordinated “Bitcoin party” happening on Twitter? Nope! Based on statements from Gates and others, it appears to be a full-scale coordinated hack targeting some of the biggest names on the platform.

But it’s not just the accounts listed above, either. At the time of publication, users like Jeff Bezos, President Barack Obama, Democratic presidential candidates Michael Bloomberg and Joe Biden, and Israeli Prime Minister Benjamin Netanyahu have also posted the same scam text with the same Bitcoin address.

Many of these users have since deleted the compromised posts, although Elon Musk’s account seems to continue posting the text even after it’s taken down. In case it wasn’t obvious enough if you ever see posts or comments like this, do not engage with the scam posts or send Bitcoin to the addresses they list.

Don’t believe us? If you use a Bitcoin tracking service to monitor the wallet listed in the posts, you’ll already see the scammers behind the hack have generated more than $110,000 U.S. dollars in funds. Odds are that number will continue to go up. We doubt any of the donors will be getting their payments matched any time soon.

What really happened?

On July 31, the Department of Justice announced it had filed charges against three perpetrators behind the cyberattack. Graham Ivan Clark and Nima Fazeli, two Florida residents, and Mason Sheppard of Bognor Regis, U.K. were identified as the hackers, and face multiple felony charges. At least one of the hackers, Mr. Clark, was identified as a minor.

Before charges were filed, Twitter Support acknowledged the incident in the following thread:

Apparently, the hacking incident was the result of a social engineering effort towards internal Twitter employees. According to reports from Vice, two of the hackers responsible for the attack appeared to have coordinated with an insider, with one source indicating they paid the insider for their help. The truth behind these claims is currently subject to investigation.

Eventually, they were able to hijack enough accounts to net a sizable amount of money in Bitcoin. They were allegedly able to access private messages of 36 accounts and download data from 7.

One thing the hackers did make public, however, was a bizarre tool from Twitter’s back end. This administrator panel features a range of settings that can be applied to accounts — including the ability to blacklist users from trending topics. This adds even more fuel to the debate over whether Twitter has been “shadowbanning” specific users.

In the aftermath of the attacks, investigators were apparently hot on the hackers’ trail. IRS investigators in Washington, D.C., identified two of the hackers by checking online Bitcoin ledgers that hackers tried to keep anonymous. As skilled as they were in hacking Twitter, they weren’t able to cover their tracks, it seems.

I use Twitter! Can I protect myself from hacks like this?

Right now, the best option you have is to immediately activate two-factor authentication (2FA) for your Twitter account. This will prevent unauthorized access to anyone without physical access to your smartphone, and you’ll be alerted any time someone logs in without your permission.

To set up 2FA, sign in to your Twitter account on the web and click your profile picture on the top right of the screen, followed by Settings and then Privacy from the dropdown menu. Scroll down to the Security section and click add a phone under the Login verification: Verify login requests checkbox.

Select your country, enter your phone number and type in the code you receive to complete the process.

And if you’ve been eager to give Bitcoin a try, it’s probably not the best time to do so. With so much happening behind the scenes, who knows what sharing your Bitcoin wallet on Twitter will cause. Tap or click here to see how North Korean state-sponsored hackers stole millions of dollars worth of Bitcoin in 2018.

Komando Community background

Join the Komando Community!

Get even more digital know-how and entertainment with the ad-free Komando Community! Watch or listen to The Kim Komando Show on your schedule, read Kim's eBooks for free, and get answers in the Tech Forum.

Join Now