Twitter Bitcoin Hack: Attackers Hijack Obama, Biden, Musk, and Apple Accounts to Steal $120,000 in Bitcoin Scam
Incident Details
Summary
On July 15, 2020, attackers used a phone spear-phishing attack to gain access to Twitter's internal admin tools, then hijacked over 130 high-profile verified accounts including Barack Obama, Joe Biden, Elon Musk, Bill Gates, Apple, and Uber to post a Bitcoin scam promising to double any BTC sent to a wallet address. Victims sent approximately $120,000 in Bitcoin before Twitter took emergency action to lock the accounts. Three suspects were later charged: 17-year-old Graham Clark of Tampa, Florida was identified as the ringleader; Mason Sheppard and Nima Fazeli were also indicted. Clark pleaded guilty and was sentenced to three years in juvenile prison. The attack exposed critical vulnerabilities in Twitter's internal access controls and marked one of the most high-profile social media platform security failures in history.
Related Incidents
News Explorer — Ethereum User Loses $600K in Address Poisoning Scam - Decrypt
An Ethereum user lost $600,000 on February 17, 2024, after falling victim to an address poisoning scam. This crypto scam involved fraudsters sending spam transactions from similar-looking addresses to confuse the user during cryptocurrency transfers. The incident highlights a common method used by scammers to cause significant financial losses for users.
Weekly Blockchain Blog - February 2026 #3 | BakerHostetler - JDSupra
Daren Li, a dual national, was sentenced in absentia to 20 years in prison for laundering more than $73 million obtained through an international cryptocurrency investment scheme. The scam operated from centers in Cambodia. Li had previously pleaded guilty in November 2024 but fled supervision in December 2025. The U.S. Department of Justice announced his sentencing.
WazirX Exchange Hacked for $230 Million by North Korea's Lazarus Group; Indian Customers' Funds Frozen
On July 18, 2024, hackers drained approximately $230 million — nearly half of WazirX's total assets — from the Indian crypto exchange's multi-signature wallet. Blockchain analysts including Elliptic attributed the attack to North Korea's Lazarus Group. WazirX suspended all withdrawals following the hack, freezing funds for millions of Indian users. The exchange filed for restructuring in Singapore and faced lawsuits in India. The hack illustrated the continued vulnerability of centralized exchanges to state-sponsored cryptocurrency theft, and the devastating impact on retail users who keep assets on exchanges.