Twitter hack raises security questions as US elections near

San Francisco (AFP) –


Twitter is probing a massive hack of high-profile users from Elon Musk to Joe Biden that has raised questions about the platform's security as it serves as a megaphone for politicians ahead of November's election.

Posts trying to dupe people into sending hackers the virtual currency Bitcoin were tweeted by the official accounts of Apple, Uber, Kanye West, Bill Gates, Barack Obama and many others on Wednesday.

"We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools," Twitter said.

The fraudulent posts, which were largely deleted, said people had 30 minutes to send $1,000 in the cryptocurrency, promising they would receive twice as much in return.

A total of 12.58 bitcoins -- worth almost $116,000 -- were sent to email addresses mentioned in the tweets, according to the site, which monitors crypto transactions.

The account of President Donald Trump, which has 83.5 million followers, was not targeted.

With the presidential election just over three months away, the influence that social media platforms have on politics has become a hotly debated issue in the campaign.

Just hours before Wednesday's hack, the House of Representatives Committee on Oversight and Reform called for the appointment of a national cybersecurity czar.

In a sign of their growing role in public life in America, social media have become essential geopolitical tools, especially in times of crisis.

"For US decision-makers, Twitter presents a bit of a paradox," say Heather Williams and Alexi Drew, who just published a book on Twitter's place in diplomacy for the Centre for Science and Security Studies at King's College in London.

"On the one hand, tweets from government officials may help shape the American public narrative and provide greater insights into US decision-making to reduce misperception by foreign actors," they wrote.

"On the other hand, tweets may increase misperception and sow confusion during crises, creating escalation incentives for an adversary," Williams and Drew wrote.

- Blue checkmarks -

Twitter said it had locked down the affected accounts and removed the tweets posted by the hackers.

Neither Trump's personal account nor the official White House account were targeted.

"It's because the president's account had already been deleted by a Twitter contractor several years ago and it looks as if they have put a bunch of protections around that account," the former head of security at Facebook, Alex Stamos, said on CNBC.

Indeed, in November 2017 Trump's account was deactivated for 11 minutes by a Twitter employee on their last day on the job.

Vice reported that a Twitter insider was responsible for the new hack, citing leaked screenshots and two anonymous sources apparently behind the hack, one of whom told the media outlet they had paid the employee.

US Senator Josh Hawley tweeted a letter to Dorsey expressing concern over privacy for the San Francisco-based company's millions of users worldwide.

"I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself," he said.

-'Giving back'-

The tweet that appeared on Tesla founder Musk's Twitter feed said: "Happy Wednesday! I am giving back Bitcoin to all of my followers. I am doubling all payments sent to the Bitcoin address below. You send 0.1 BTC, I send 0.2 BTC back!"

It added that the offer was "only going on for 30 minutes."

The fake messages that appeared on other famous accounts made similar promises of instant riches.

One version of the scam invited people to click on a link at which they would be exploited.

Twitter has been targeted by hackers in the past.

In March 2017, the accounts of Amnesty International, the French economics ministry and the BBC's North America service were broken into by hackers believed to have been followers of Turkish President Recep Tayyip Erdogan.