
Apple Twitter account hacked in Bitcoin scam campaign


The official Apple Twitter account appears to have been hacked as part of a bitcoin scam campaign that targeted other prominent tech accounts.

Credit: Twitter

"We are giving back to our community. We support Bitcoin and believe you should too!" the fraudulent tweet read, before giving instructions to send bitcoin to a wallet address and claiming that doubled payments would be sent back.

Apple appears to have cracked down fairly quickly on the tweet, which appeared on the Twitter account for only a brief time on Wednesday afternoon.

Along with the Cupertino tech giant, the Twitter accounts for Tesla CEO Elon Musk, Microsoft co-founder Bill Gates, Democratic presidential candidate Joe Biden and former President Barack Obama also appear to have been breached in the scam campaign. Other prominent figures and companies targeted by the bitcoin scammers include Coinbase, Coindesk, Binance, Mike Bloomberg, Gemini, Kanye West, Uber, Bitcoin and Jeff Bezos.

Musk appears to have been attacked first, with the scammer posting multiple tweets from the account Wednesday afternoon with the same bitcoin address seen in the Apple tweet. The hackers then moved on to Gates, Coinbase and Apple.

Although those fraudulent tweets were quickly removed, others were reposted after deletion, suggesting that the attackers may still have access to some of the accounts. Rumors circulating on social media claim a Twitter employee was successfully targeted as part of a spearphishing operation, granting attackers access to the social network's internal tool. This would explain how hackers accessed accounts protected by two-factor authentication.

Cryptocurrency exchange Binance called the campaign a "coordinated attack on the crypto industry," and told TechCrunch that its security team was "actively investigating."

According to a tweet from security researcher @sniko_, the attackers may have gained full access to some of the cryptocurrency-related accounts by changing the email addresses associated with them.

The tweet on Apple's account was especially notable because the company doesn't post anything. Instead, it uses the Twitter account to push ads.

A Twitter spokesperson told Business Insider that the matter was "being looked into."

According to Blockchain Explorer, the scam has brought in more than $110,000 at the time of this writing.



22 Comments

elijahg 18 Years · 2842 comments

Oops. Looks like someone internal to Twitter didn't use 2FA.

linkman 11 Years · 1041 comments

Sounds like Twitter is the one that was compromised. And to those that fell for this scam: Grow a brain! If you are smart enough to use Bitcoin then you should be smart enough to recognize an obvious scam like this.

headfull0wine 10 Years · 124 comments

And Twitter admins should have separate AD accounts with elevated privileges. Not their everyday employee account with email. 

EsquireCats 8 Years · 1268 comments

I agree it seems highly unlikely that a large number of high profile, security aware individuals were simultaneously tricked into a phishing scam. Especially so when considering that the Apple account is just an empty placeholder.

lkrupp 19 Years · 10521 comments

Other big names getting hit too, including Joe Biden, Bill Gates and Elon Musk.

https://www.cnn.com/2020/07/15/tech/twitter-hack-elon-musk-bill-gates/index.html

Twitter (TWTR) accounts belonging to Joe Biden, Bill Gates, Elon Musk and Apple, among other prominent handles, were compromised on Wednesday and posted tweets that appeared to promote a cryptocurrency scam.

The accounts, along with those of former President Barack Obama, Kanye West, Warren Buffett, Jeff Bezos and Mike Bloomberg, posted similar tweets soliciting donations via Bitcoin to their verified profiles on Wednesday. 
"Everyone is asking me to give back, and now is the time," Gates' tweet said, promising to double all payments to a Bitcoin address for the next 30 minutes.