A growing number of high-profile verified Twitter accounts were hacked today, including those belonging to tech billionaires Elon Musk, Jeff Bezos and Bill Gates, after Twitter staff were tricked using a "coordinated social engineering campaign".
Apple's and ride-sharing giant Uber's official accounts were also compromised, in what appears to be the most serious attack on Twitter to date. The account of United States presidential candidate Joe Biden was also compromised.
"We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools," Twitter said in its initial post-mortem.
"We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf.
"We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it."
Twitter said it immediately locked down the affected accounts and removed tweets posted by the attackers once it became aware of the incident.
"We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this," it said.
"This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do."
Twitter said it would restore access to original account owners "only when we are certain we can do so securely."
In addition, it said, "Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues."
The scam is a simple one: a promise that the world's richest people would double any amount of money sent to a Bitcoin cryptocurrency address.
In a variant of the scam, people are asked to send one Bitcoin (A$13,134 currently) instead of a US dollar amount.
The hacking campaign appears to be ongoing, with more accounts being compromised and Twitter deleting the scam tweets they post.
As the celebrity and high-profile accounts were likely to have two-factor authentication (2FA) enabled, information security professionals are speculating that the hack may be due to a compromise of internal user-management systems at Twitter.
"Exclusive: this is likely the panel of the compromised Twitter employee!" pic.twitter.com/Nj8E3KhIHV (Under the Breach, @UnderTheBreach, July 15, 2020)