Twitter Accounts got Hacked using Internal Tool

Verified Twitter Accounts Hacked Using Internal Tool for Cryptocurrency Scam

The Hackers Meetup
Apr 17, 2021

“15th July, Wednesday was a tough day for Twitter as it went through a very crucial cyber-attack, making it a less reliable platform for the American public. Very important, high-profile and popular people’s accounts were hacked and were used for a bitcoin scam. The most powerful Twitter accounts in America were tweeting about bitcoins on this Wednesday. Twitter, as its immediate response, tried to delete these tweets, but more such tweets were being posted on similar account handles. The attack is said to be based on a known cryptocurrency scam technique, and who did it is not yet confirmed.”

Shock, horror! The bad actor(s) used social engineering to pwn Twitter and get access to their admin tools/panels. It looks like Twitter can use some security awareness training to mitigate future attacks. The human is always the weakest link. I think I heard that somewhere. ;-)
— Kevin Mitnick

What was the “Twitter hack” all about?

At 4 pm on 15th July in the US, many high-profile accounts were hacked and began tweeting a similar message: any bitcoin sent to the given link would be returned doubled. The message stated that the scheme would be valid for 30 minutes only. Initially, the Apple and Uber handles were the ones sharing these tweets, and later Elon Musk and Bill Gates became the new hosts of this “Twitter hack” parasite. After a few hours, Obama, Joe Biden, Jeff Bezos, Mike Bloomberg, Wiz Khalifa, Kim Kardashian, Floyd Mayweather, Kanye West, Cash App and many more were also hacked, and the same kind of tweets, giving the same link for bitcoin transfer, were posted from these accounts.

Twitter has been home to such cryptocurrency scams for many years. But this one targeted a larger audience and compromised many high-profile accounts, which also means that there is a 100 percent possibility of data theft from these compromised accounts.

How did the hack happen?

At first, at 2:45 pm, Twitter declared a “security incident” when many cryptocurrency-focused accounts (like @bitcoin, @ripple, @coindesk, @coinbase and @binance) shared the same tweet. The tweet shared by these accounts said “We have partnered with CryptoForHealth and are giving back 5000 BTC to the community” and included a link to a website. This was the first hack that was performed. Many accounts were hacked similarly, and after a certain period of time it was believed that the accounts were back with their owners, as most of the tweets got deleted. But this was only the trailer to the picture.

After a few more minutes, all the accounts that had been compromised were posting the same kind of message. The compromised accounts appealed to the public that if they sent bitcoins to the link provided, they would get back double the number of bitcoins. Out of greed, people fell into this trap and sent their bitcoins, thinking that they would get double what they invested. But this never happened. The hackers intended to steal the bitcoins that were sent to them. This shows a clear intention of theft and manipulation of data.

So far, 370+ transactions have occurred and over 12.86 bitcoins have been sent, which sums up to $117281.92 USD. The figure is still going up, and many more accounts are compromised and are posting the same message.

A cryptocurrency scam is when scammers take over trusted accounts and ask people to send bitcoin or other tokens. The victim is promised double or triple the amount in return. This is actually impractical, but it is a type of scam that always works.

Even the most advanced corporate giants, like Apple, which is very keen on robust security, fell into this trap. The tweet from Apple’s account stated that “We are giving back to our community. We support Bitcoin and we believe you should too”. After that, Elon Musk’s account tweeted that he was “feeling generous because of Covid-19”. Musk runs an unpredictable Twitter handle with a notorious following. He tweets now and then about his life, his space knowledge and his business. A message like this, promising that an investment would be doubled, would be easily trusted by his followers.

The former President of the United States of America, Mr. Obama, was also among the powerful people whose accounts were compromised. His handle tweeted two messages: one giving the link and the message about the bitcoin-doubling game, and the other about the bitcoins returned. The message about the bitcoins returned was faked to attract more people by offering them proof.

Many more stars, such as Kim Kardashian, Floyd Mayweather, Make out hill and others, were also compromised.

According to Twitter, as stated on @twittersupport, the “coordinated social engineering attack” was performed by hackers who “successfully targeted some of our employees with access to internal systems and tools”. Twitter says that “We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it”. Twitter confirms that, as part of its immediate actions, it has reduced the functionality of the compromised accounts and also of verified accounts all over the world. Twitter has also raised awareness so that new people do not fall into this trap.

What was Twitter’s response to this hack?

Twitter’s working theory is that a hacker gained access to a Twitter “admin” tool on the company’s network that allowed them to hijack high-profile Twitter accounts to spread a cryptocurrency scam, according to a person with direct knowledge of the incident. The hacker then took over the most high-profile and powerful accounts and started posting a similar kind of tweet, asking people to send bitcoins through a suspicious link and promising a double return.

Twitter also informed users that they may be unable to tweet or reset passwords until the micro-blogging platform has reviewed the incident. Kayvon Beykpour, Twitter’s product lead, tweeted to apologise for “the disruption and frustration this incident has caused our customers”. Twitter is still investigating the whole incident and who was involved in it. Information is being shared every now and then on @twittersupport.

Impact of the “Twitter hack”

The impact of this hack is large because very important, high-profile accounts were targeted to perform this scam. The US is in its election year. Last year, too, social media was manipulated for political agendas using this type of scam.

People who fell into this trap lost bitcoins out of greed for a double return. This is also a warning to many social media platforms that they carry the biggest vulnerability to being hacked. Users must now be cautious and must ensure their safety on these social media platforms and anywhere else online. Technology giants like Microsoft, Oracle and especially Apple will now ensure more security over the internet.

Blog written by Veera Patel

The Hackers Meetup

Initiative of @viralparmarhack to provide a proper platform for cyber security researchers & like-minded people to establish a community.