Several high-profile Twitter accounts have been hacked in what appears to be a Bitcoin scam.
Twitter said it was investigating a “security incident” after fake tweets were posted on the accounts offering to send $2,000 for every $1,000 sent to a Bitcoin address.
Among those affected were former US president Barack Obama, Democratic presidential candidate Joe Biden and billionaire Elon Musk.
Businessman Mike Bloomberg, Amazon chief Jeff Bezos, reality TV star Kim Kardashian, rapper Kanye West, Microsoft co-founder Bill Gates and the corporate accounts for Uber and Apple were also reported to have been hit by the scam.
Blockchain records showed the suspected scammers had received more than $100,000 worth of cryptocurrency, according to Reuters.
Just before 11pm UK time, Twitter said it was investigating a “security incident impacting accounts”, adding: “We are investigating and taking steps to fix it. We will update everyone shortly.”
The cause of the breach has still not been revealed and, meanwhile, Twitter has stopped some users from tweeting and resetting their passwords while investigations continue.
More from Science & Tech
Amazon issues urgent ‘overheating’ warning about Echo Buds earphones
Elon Musk’s SpaceX ‘Starlink Router’ set to power satellite-based broadband revealed in regulatory filing
Huawei: Trust ‘seriously damaged’ between UK and China over ban, Chinese ambassador says
Record methane levels found in atmosphere (and burping cows are major contributor)
Apple and Ireland win appeal over EU’s €13bn tax demand
Fahim Saleh: Tech entrepreneur ‘found dismembered’ in luxury New York City apartment
Some of the offending tweets were deleted but on some accounts, such as Musk’s, they quickly reappeared.
Elon Musk fakes steal thousands a day through Twitter
Experts were surprised at the scale of the incident, which suggested the hackers may have gained access through Twitter’s system, rather than through individual accounts.
Michael Borohovski, director of software engineering at security company Synopsys, said: “It is highly likely that the attackers were able to hack into the back end or service layer of the Twitter application.
“If the hackers do have access to the backend of Twitter, or direct database access, there is nothing potentially stopping them from pilfering data in addition to using this tweet-scam as a distraction,” he added.
Dmitri Alperovitch, co-founder of cybersecurity company CrowdStrike, said: “This appears to be the worst hack of a major social media platform yet.
“We are lucky that, given the power of sending out tweets from the accounts of many famous people, the only thing that the hackers have done is scammed about $110,000 in bitcoins from about 300 people.”
Shares in Twitter were down by more than 3% in after-hours trading on Wednesday in the US.