SAN FRANCISCO — One by one, the Twitter accounts of some of the most prominent people in American business and politics started displaying the same message on Wednesday afternoon: Send Bitcoin to the link below and you will double your money. The names included Joseph R. Biden Jr. and Barack Obama, Kanye West and Bill Gates, and countless more.
But it was all a scam, the result of one of the most brazen online attacks in memory.
A first wave of attacks went after cryptocurrency-related companies and personalities at midday on the East Coast, but over the course of a few hours the prominence of the victims increased. Many of the tweets were quickly removed, but in some cases similar tweets were sent again from the same accounts.
Twitter appeared to be essentially powerless to stop them. The company eventually disabled broad swathes of its service as it worked to stop the attack. “You may be unable to Tweet or reset your password while we review and address this incident,” the company said in a statement.
The attack was a major show of force by attackers who seized a key means of communication for a Who’s Who list of Americans. The hackers did not use their access to take aim at any important institutions or infrastructure like the stock market — instead deciding to just ask for Bitcoin.
But the attack was frightening because the hackers could have easily caused much more havoc. There was quickly speculation on what would have happened had the attackers instead tried to move the financial markets or sow political chaos. The attack exposed the vulnerability of a company, Twitter, that has become the nation’s de facto real-time news source.
The messages were a version of a long-running scam in which hackers pose as public figures on Twitter, and promise to match or even triple any funds that are sent to their Bitcoin wallets. In the past, hackers have created fake accounts to try to convince users that the funds will be going to public figures like Mr. Musk or Mr. Gates. The attacks Wednesday were the first time that the real accounts of public figures were used in the scam.
Accounts belonging to Mr. Musk, the Tesla chief executive, and Mr. Gates, the Microsoft mogul, were among the first prominent Twitter accounts to be compromised. Within the hour, Mr. West’s account was hit along with many more. The accounts have huge followings. Over 51 million accounts follow Mr. Gates, while Mr. Musk’s Twitter account is followed by 36.9 million.
Mr. Musk has frequently been a target of scammers seeking to steal Bitcoin. In the past, scammers have created accounts that imitated Mr. Musk and replied to his tweets, trying to trick users into sending them money.
A spokesman for the Biden campaign confirmed that Twitter had removed the tweet promoting the scam and locked down Mr. Biden’s account. But the message was repeatedly posted and deleted on Mr. Musk’s and Mr. West’s accounts.
Twitter has fallen victim to breaches before. Last August, hackers compromised the account of Twitter’s chief executive, Jack Dorsey, and posted racist messages and bomb threats. Mr. Dorsey’s account was taken over after hackers transferred his phone number to a new SIM card, which stores a phone’s number. The practice, known as SIM-swapping, allowed hackers to tweet from Mr. Dorsey’s account.
This is a developing story. Check back for updates.