npm i bitcoin-regex

Temporarily block anything that matches the format of a bitcoin address?

Then they'll just start obscuring addresses by interspersing them with spaces or posting links to third-party sites containing the address.

It's an unending game of cat and mouse. IMO Twitter's efforts at this point are much better spent on finding out how the hack occurred and cutting it off at the source.

Seems like a "red alert" mode would be most useful to leave twitter as read only