Twitter Accounts of Elon Musk, Kanye West, Joe Biden Hacked in Apparent Bitcoin Scam

Bethany Clarke/Getty Images

The compromised accounts all tweeted the same message, offering to "give back to the community" to people who sent Bitcoin to a specific wallet address.

Twitter said "a coordinated social engineering attack" that targeted some of its employees was the reason for a breach to its system on Wednesday that led to the hacking of several high-profile Twitter users' accounts, including those of Democratic presidential candidate Joe Biden, billionaire Elon Musk and musician Kanye West.

On Wednesday afternoon, several verified accounts belonging to public figures began to tweet similar messages offering to "give back to the community" in what appeared to be a cryptocurrency scam. The tweets shared a Bitcoin wallet address and told Twitter users that they would double any amount sent in. 

Accounts that shared versions of the message include former Microsoft CEO Bill Gates, Amazon CEO Jeff Bezos, former president Barack Obama and former New York City major Mike Bloomberg. The accounts for brands including Apple and Uber were also compromised. 

Around an hour after the tweets first started appearing, Twitter Support posted that it was aware of a security incident. "We are investigating and taking steps to fix it," the tweet reads. "We will update everyone shortly."

The company followed up, saying that users "may be unable to Tweet or reset your password while we review and address this incident." The disabling of tweets appeared to impact verified users with blue check marks on-and-off throughout the afternoon. Those users couldn't send new tweets but were able to send replies and retweets. 

The wallet address associated with the messages is showing regular activity, indicating that some Twitter users may have fallen for the scam. According to Blockchain.com, which publicized cryptocurrency transactions, the address has received more than $110,000.

On Wednesday night, Twitter CEO Jack Dorsey posted, "Tough day for us at Twitter. We're diagnosing and will share everything we can when we have a more complete understanding of exactly what happened."

The Twitter Support account followed up with a series of messages, telling users that most accounts should be able to tweet again but that the functionality could "come and go" as employees worked to return the service to normal. The company said that its investigation was still ongoing but that it had detected "what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools." It also said it was looking into what other information the hackers may have accessed. 

5:10 p.m. Updated with additional details on the disabling of some users' tweets. 

7:40 p.m. Updated with Dorsey's tweet.

7:55 p.m. Updated with new details from the Twitter Support account.