2020 Twitter account hijacking
A representative scam tweet, from Apple's hacked account | |
| Date | July 15, 2020, 20:00–22:00 UTC |
|---|---|
| Cause | Coordinated social engineering attack |
| Target | High-profile verified Twitter accounts |
| Outcome | At least 130 accounts affected. The bitcoin addresses involved received about US$110,000 in bitcoin transactions. |
| Arrests | 3, as of July 31, 2020 |
On July 15, 2020, between 20:00 and 22:00 UTC, 69 high-profile Twitter accounts were compromised by outside parties to promote a bitcoin scam. Hackers used social engineering against Twitter employees to gain access to administrative tools, allowing them to post the tweets directly. The scam tweets asked individuals to send bitcoin currency to a specific cryptocurrency wallet, with the promise that money sent would be doubled and returned – within minutes, one account received over 320 deposits with a value of over US$110,000 before the scam messages were removed by Twitter.
CrowdStrike co-founder Dmitri Alperovitch described the incident as "the worst hack of a major social media platform yet", and security researchers highlighted the risks of social media manipulation during large events such as the lead-up into the 2020 United States presidential election. On July 31, 2020, the U.S. Department of Justice announced charges against three individuals in connection with the incident.