Twitter has been hacked. But it seems that it’s not individual accounts that have been hacked or even a more feasible API attack stemming from a third-party service breach. Increasingly, it looks like a hack specifically targeting some of the highest-profile users on the site has successfully breached Twitter’s user management panel.
All of which is to say, Jack Dorsey needs to leave whatever seance or ice bath he’s currently in and shut the site down. Now.
The current accounts targeted include those of presumptive Democratic presidential nominee Joe Biden, former President Barack Obama, Bill Gates, Elon Musk, Kanye West, Jeff Bezos, Michael Bloomberg, Apple, and Uber. The accounts are all posting some iteration of the following:
Massive Twitter hack underway by Bitcoin scammers:
– Bill Gates
– Elon Musk
– Joe Biden
– Warren Buffett
– Kanye West
– Michael Bloomberg
– Apple
– Uber
– Jeff Bezos
– Barack Obama pic.twitter.com/5uSngaBdrZ— Breaking911 (@Breaking911) July 15, 2020
As far as Bitcoin bait goes, this attempt is a relative failure, given the sheer scope of the followers the hacking targets have. Despite reaching audiences of tens of millions of followers, the hackers evidently haven’t scammed more than six figures from the public. (They’ve gotten $116,109.20 as of this writing.) But less important than the money is the fact that Twitter has likely been internally compromised. This breach could culminate in something a lot more serious.
For example, consider what falsehoods a hacker could believably post from the trigger-happy President Trump. If this hacker could breach Twitter’s user management panel, perhaps another with more tact could as well and post falsehoods from prominent accounts to rig markets. Worse yet, just imagine the international conflagrations that could be started with everything from fake tweets to search, data, and direct message leaks.
Twitter needs to shut down until it figures out what the hell is going on. It has a massive security problem that will take a lot longer than today to fix fundamentally, but in the short run, it needs to suture the wound and pause the site’s functionality.
