To me, this raises the likelihood that the attack was about something else. The BTC scam just doesn't seem anywhere near worth it compared to other things you could do - selling or using insider information, blackmail, shorting Tesla, taking out politicians, etc.
If the attack had been something like an exploit in the new API, I'd think, maybe some kid found it and was acting fast and reckless. If this was a sophisticated attack on multiple employees via social engineering, I have to think the attackers thought about it. And if they thought about it, they weren't just after 150k of BTC.
I think there are three possible explanations here:
1- (Tinfoil hats please) This is a state owned attack, which is a retaliation from US Government to ruin Twitter's credibility and introduce social media regulations.
2- The hackers are gray hat hackers, who know that reporting this vulnerability will not make them any money and they want to get what they think they deserve, so they make it public and get some good amount of cash.
3- The hackers had realized they had a massive vulnerability in their hands by accident and did not know what to do with it.
I find the second and third options plausible, which also reminds me of the npm hack, where a very, very popular library was compromised and installed on a huge amount of developer machines, but the only thing they did was to try to get hold of some bitcoin accounts.
I do not condone any type of crime but in both cases, it feels like a huge opportunity was missed by both hackers.
Another option is that the BTC was nothing but proof that they compromised those accounts. They had full access to the compromised accounts including any private messages. Now there is public proof that they compromised those accounts and a BTC account they can send funds from to prove it is the same group. This allows them to sell those private DMs along with proof of authenticity.
This possibility makes quite a bit of sense to me. It explains why the attackers went to so much trouble, given that world leader and major CEO DMs could be quite valuable, while also explaining why they bothered with the seemingly trivial crypto scam.
They also don't even need incriminating DMs, they can release fake DMs and use the BTC address to prove "authenticity" to the media. Released at the right time that could be quite valuable to certain people.
Regarding #1, my thinking was this is China or their allied nations (North Korea, Iran etc). The US has taken extremely forceful steps on China in the last couple of days. This could be their response; discrediting a huge piece of the American crown jewels (big tech companies) and making it a laughing stock.
Just the massive blast radius of the hack reminded me of the NK Sony hack and release of documents. Big up yours to Hollywood from Kim Jong.
I would expect state actors to have gone for a lot more damage than "make Twitter look stupid". Also, all the high-profile state actor hacks I'm aware of were a lot more clandestine - it was months before they were discovered. State actors are highly professional, they're in it for the long haul, and they do serious damage.
The "massive blast radius" of this hack lies more in the damage it could have done, rather than the damage it actually did. This amateur execution makes me think it was some small-time cyber criminal who happened to have the bright idea of bribing a Twitter employee, but didn't have the know-how/creativity/patience to reap its full benefits.
Interesting. I assume those accounts are not used by actual people but managed by social media companies, so the DMs should not be anything personal anyways.
Nothing but pure speculation, but I came to conclusion #1 more or less independently.
The obvious cui bono is not Twitter. And Twitter's biggest opponent at the moment is?
The pound of salt for that is just that once clandestine motives are introduced there's no bottom to the subversion one would introduce to make attribution difficult.
> selling or using insider information, blackmail, shorting Tesla, taking out politicians, etc.
Can't it just be that they're not that knowledgeable about stuff outside their domain? The things you mentioned require knowledge of stocks and politics. If I, personally, woke up tomorrow with access to a Twitter backdoor and the desire to exploit it, I wouldn't know how to do any of those things, because I also don't know anything about stocks or politics.
It would be pretty easy. You could just post on reddit or 4chan and ask "If you could make anyone on Twitter post anything, what's the most you could earn?" And people who know a lot about a lot of things would give you ideas. It's just not smart to use the hack for just this.
Example: Contact Trump's kids. Demonstrate your power. Tell them you'll make Joe Biden tweet "8 year old girl nude hair" at a time of their choosing, in exchange for 5 million BTC held in escrow. This doesn't require anything more than knowing that Trump is rich and corrupt and that Biden is his opponent.
A variation of this is that you demonstrate the power to rich public figures and tell them that unless they pay you X, you'll do it to them to make them look bad. Then you don't even need to use your exploit.
I think this was probably worth tens of millions, and they blew it on 100k.
> Example: Contact Trump's kids. Demonstrate your power. Tell them you'll make Joe Biden tweet "8 year old girl nude hair" at a time of their choosing, in exchange for 5 million BTC held in escrow. This doesn't require anything more than knowing that Trump is rich and corrupt and that Biden is his opponent.
And then you get tracked down and killed by a three-letter agency. I think people underestimate how risk-free receiving small amounts of btc from random schmucks is, and how risk-averse these hackers may be.
> I think people underestimate how risk-free receiving small amounts of btc from random schmucks is,
I agree with this
> and how risk-averse these hackers may be.
And I agree with this statement in most cases, but not in this particular one. The widespread and super high-profile nature of this attack makes it a high-risk play no matter what. Being cautious when it comes time to collecting the loot seems like too little too late for them to get away easily.