Twitter temporarily suspended verified accounts from posting on the platform following a cryptocurrency scam that targeted several high-profile users, including Elon Musk and Bill Gates as well as Joe Biden, Barack Obama, Kanye West and several company accounts, including Apple and Square’s Cash App, among others.
“We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly,” the platform announced an hour after initial accounts were compromised. “You may be unable to Tweet or reset your password while we review and address this incident.”
Three hours later, the company reported that “most accounts should be able to tweet again.”
“As we continue working on a fix, this functionality may come and go,” the company said in a statement. “We’re working to get things back to normal as quickly as possible.”
Scammers were able to take control of users’ accounts and ask for users to send $1,000 to a Bitcoin account with the promise that their deposit would be doubled in return.
The company’s hold on verified accounts appears to be a first for the platform.
Twitter’s verified accounts contain a bright blue checkmark to let users know that the “account of public interest is authentic.”
Those accounts typically belong to celebrities, brands, politicians and other public figures.
The hacks on Wednesday only targeted verified users.
Messages first appeared on the Tesla CEO’s account on Wednesday: “I’m feeling generous because of Covid-19. I’ll double any BTC payment sent to my BTC address for the next hour. Good luck, and stay safe out there!”
The message was deleted and replaced with another similar message: “Feeling greatful [sic], doubling all payments to my BTC address!”
“You send $1,000, I send you back $2,000,” the message said.
Similar messages followed on Microsoft founder Bill Gates’ account, as well as the accounts of several Democratic politicians, celebrities and tech figures and their companies, ultimately creating one of the largest hacks on the social media platform affecting accounts totalling millions of followers.
The scam appears to have worked – unconfirmed transactions show that the scammers have netted several thousands of dollars.
Account holders themselves were not targeted in the scam, which relied on their massive followings to lure users into the scheme.
It was not immediately clear how the scammers had access to the accounts and how many people were impacted.
Twitter did not immediately return a request for comment but directed reporters to the company’s support account.