Hackers have managed to access Twitter’s “internal systems and tools,” and used their access to compromise some of the most popular accounts on the social network and promote a bitcoin scam. Some experts warn that scam may, however, have been a cover for something worst.

As CryptoGlobe reported, hackers have compromised the accounts of high-profile figures and organizations, including those of apple, Uber, Bill Gates, Barack Obama, Joe Biden, Coinbase, CoinDesk, Binance, and Elon Musk. These accounts tweeted out a fake BTC giveaway that promised users they would double their funds if they sent them BTC.

Cryptocurrency-related scams have been a known issue on Twitter, with scammers impersonating popular cryptocurrency figures to try users into entering fake giveaways. The scammers have since expanded to use YouTube and other social networks, although no attack of this scale has been seen before.

The hack seemingly managed to make around $120,000 worth of BTC, an amount some experts deem small for the coordinated effort put into hacking Twitter. The microblogging platform revealed it was targeted by a “coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”

The fact the hackers managed to access Twitter’s internal systems suggested to some the hackers may have abused the access before promoting the fake cryptocurrency giveaway. Twitter said it was looking into other potential malicious activity in its security update.

While the microblogging platform claims the hackers gained access through a social engineering attack, a report published by Motherboard with an unverified interview with the hackers suggests they convinced a Twitter employee to help them hijacked the accounts

Take the circumstances into account various security experts claimed the attack could have been a “distraction” from something worse. Michael Borohovski, director of software at security firm Synopsys, told The Independent:

If the hackers do have access to the backend of Twitter, or direct database access, there is nothing potentially stopping them from pilfering data in addition to using this tweet-scam as a distraction.

Twitter user data could, for example, be sold on the dark web for more cryptocurrency. As reported, hackers are currently trying to sell the data of 142 million MGM Resorts guests for either BTC or XMR.

Featured image by Yucel Moran on Unsplash.