Scammers hijack Twitter accounts of Joe Biden, Bill Gates and others to promote cryptocurrency

The cause of the breach was not immediately clear.
Twitter login, Twitter authentication, twitter coronavirus

Hackers on Wednesday took over a series of high-profile Twitter accounts — including those of presumptive Democratic presidential nominee Joe Biden and Microsoft co-founder Bill Gates — to promote cryptocurrency scams in a remarkable security breach.

A series of similarly worded tweets promoting bitcoin, a type of cryptocurrency, began appearing from the compromised accounts around the same time on Wednesday. The Twitter account of cryptocurrency exchange Gemini appeared to be swept up in the scam, as did Apple’s official Twitter account.

Hours after it began investigating the incident, Twitter said it appeared to be “a coordinated social engineering attack” against some Twitter employees “with access to internal systems and tools.” Twitter said it was “looking into what other malicious activity [the attackers] may have conducted or information they may have accessed and will share more here as we have it.”


Among the other accounts temporarily compromised were those belonging to musical artist Kanye West, Tesla CEO Elon Musk and former president Barack Obama.

Twitter had temporarily prevented at least some verified users from tweeting in a bid to address the issue. That temporarily kept accounts such as the National Weather Service from tweeting important weather updates and the New York City subway from tweeting train information to commuters. After a couple of hours of interruption, some verified users were again allowed to tweet on Wednesday evening.

Rob Joyce, a longtime National Security Agency official, noted the hackers could have done a lot more with their access to the breached accounts.


The accounts tweeted the same bitcoin wallet address, As of 6 p.m. EDT Wednesday, the wallet had received over $113,000 in bitcoin.

Following the breach, Sen. Josh Hawley, R-Mo., wrote to Twitter CEO Jack Dorsey asking him to draw on support from the Department of Justice and the FBI in responding to the breach. Hawley also asked Dorsey if any Twitter accounts that employed two-factor authentication were targeted in the attack, and if any Twitter users that did not share the bitcoin promotional messages were compromised.

This is a developing story and will be updated as information becomes available.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts