Earlier today a number of cryptocurrency-related and other Twitter accounts were taken over and used to advertise a scam. The hacked accounts include: Binance, Coinbase, Ripple, Elon Musk, Justin Sun, CoinDesk and many other well-known accounts.
Hackers take over Twitter accounts of crypto exchanges and individuals
In a relatively short timespan, a message that announced a partership with "CryptoForHealth" was sent out and 5000 BTC were promised to be given back to the community. A link to a website was shared, that was used to carry out the scam.
In the meantime the malicious Tweets are no longer visible.
Multi-factor authentication bypassed?
According to this article by CoinDesk, some of the accounts had multi-factor authentication activated. The fact that they were still taken over suggests that the fault for this hack may lie on Twitters side. It should not be possible to bypass a multi-factor authentication easily, especially not for a variety of accounts.
Two wallets of the hackers are the following:
https://www.blockchain.com/btc/address/bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh
https://www.blockchain.com/btc/address/1Ai52Uw6usjhpcDrwSmkUvjuqLpcznUuyF