
Twitter Hacked on a Large Scale: The Rumors and Truth Behind It
TechFlow Selected TechFlow Selected

Twitter Hacked on a Large Scale: The Rumors and Truth Behind It
Twitter said that during the investigation, some users may be unable to tweet or reset their passwords.
Source | CertiK
"Send me a 100 yuan red envelope, and I'll give you 200 tomorrow."
Only someone you completely trust would dare send money expecting a return. Law enforcement programs often showcase similar scams to warn the public. Yet at the core of such frauds lies one word: trust.
At around 3:00 AM Beijing time on July 16, 2020, researchers from the CertiK security team detected that several high-profile accounts on the popular social media platform Twitter had been compromised. All of these hacked accounts posted the same Bitcoin scam message.
“As a thank-you to everyone (in support of Bitcoin), I'm giving back. Send $1,000 to the following address, and I’ll send you $2,000 in return. This offer is valid for only 30 minutes!”
Screenshot by CertiK Security Experts
The cyberattack initially targeted figures in the blockchain industry, including CEOs of exchanges such as Gemini, Coinbase, Binance’s CZ (Changpeng Zhao), Tron’s CEO Justin Sun, and blockchain news outlet Coindesk—all of whom were attacked and posted the fraudulent message.

All images above are screenshots provided by CertiK security experts
The attack then spread virally across Twitter, affecting prominent accounts including Bill Gates, Amazon founder Jeff Bezos, Bloomberg founder Michael Bloomberg, Apple's official account, Tesla CEO Elon Musk, famous rapper Kanye West, former U.S. President Barack Obama, and Joe Biden—none were spared.
Hackers breached Twitter, a platform many believed—even if skeptically—was too secure for even a former U.S. president’s account to be hacked. Exploiting public trust in both Twitter and the credibility of public figures, the hackers made the scam appear legitimate.
To date, the hacker’s wallet has received a total of 12.86 BTC, equivalent to $118,209 USD or 825,805 RMB.

Rumors Circulating Online
1. Twitter Employee Accounts Were Compromised, Granting Hackers Access to Admin Panels
Screenshots circulating on Telegram allegedly show Twitter employee admin interfaces. According to this theory, hackers used the admin panel to change users’ email addresses, redirecting password reset links to emails they controlled, thereby gaining full access to targeted accounts.
2. Hackers Exploited a Recently Disclosed Vulnerability to Attack Twitter Servers and Gain Admin Access
Yesterday, a critical vulnerability in Windows DNS servers (CVE-2020-1350) was publicly disclosed. By sending specially crafted requests, attackers can remotely execute arbitrary code. Some speculated that Twitter operates a public-facing Microsoft DNS server that hadn’t patched CVE-2020-1350. If exploited, this flaw could allow worm-like propagation without user interaction or authentication. Attackers may have leveraged this to infiltrate Twitter’s internal network and gain access to administrative tools, enabling them to alter user emails and hijack accounts via password resets.

Twitter's Official Response
The official cause of the account breaches has not yet been disclosed. However, at 5:45 AM Beijing time on the same day, Twitter issued an official statement confirming they were actively investigating the incident.
Twitter later added that during the investigation, certain users might temporarily lose access to tweeting or password reset functions.
Security Measures and Recommendations
While individual social media account compromises occur frequently, large-scale hacks like this one stand out as major incidents in what has already been a chaotic year in 2020. Here, the CertiK security team compiles key steps to strengthen your Twitter account security.
1. Revoke Third-Party Apps Authorized to Access Your Twitter Account
After logging into Twitter, navigate to More → Settings and privacy → Account → Data and permissions → Apps and sessions. This section displays all third-party applications currently authorized to access your account and active login sessions. CertiK recommends regularly reviewing these apps, removing unnecessary ones, and logging out of suspicious sessions.
2. Enable Two-Factor Authentication (2FA)
After logging into Twitter, go to More → Settings and privacy → Account → Security → Two-factor authentication. You can choose from SMS verification, authenticator apps like Google Authenticator, or physical security keys. Enabling 2FA significantly reduces the risk of account theft, even if your password is compromised.

An Ineffective Bug Bounty Program?
Insufficient Investment in Security
Twitter runs a bug bounty program on HackerOne (https://hackerone.com/twitter). Critics have pointed out that Twitter offers only $7,700 for vulnerabilities leading to account takeovers—while the recent hack has already netted over $100,000. This stark contrast raises serious questions.
For many companies, security seems unimportant until a breach occurs—until then, investing in it feels unnecessary. But once compromised, the resulting losses are immeasurable.
CertiK wants to remind everyone: even a seemingly robust platform like Twitter can fall victim to hacking. Never assume any project is 100% secure. If there's even a 0.00000000000001% chance of being attacked, Murphy’s Law guarantees it will happen eventually. Therefore, investment in security is non-negotiable. As a world-leading blockchain security expert, CertiK helps you identify that 0.00000000000001% vulnerability—and eliminate it. For inquiries, please contact us at [email protected].
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News














