Everything we know about the Twitter Bitcoin hack

We detected what we think to be a collaborated social engineering attack by individuals who effectively targeted a few of our employees with access to internal systems and tools. – Twitter Support (@TwitterSupport), July 16, 2020

Many of these accounts tweeted some variation of the very same message: If somebody were to send Bitcoin to the address specified in the tweets during a 30-minute window, the account owner would return double the amount. All of the tweets sent from these prominent accounts directed victims to the very same Bitcoin address.
By this point, Twitter had caught on and was attempting to contain the account breaches. In an effort to prevent more scam messages from being shared, Twitter briefly removed the ability of verified users to tweet. If the owners of those accounts wanted to interact on the platform, they either needed to create short-lived accounts, retweet existing tweets, or both. (Meanwhile, non-verified Twitter users essentially had a field day.) Twitter appeared to get the situation under control and restored verified users' ability to tweet at around 8:30 PM Eastern.
At that time, Twitter confirmed that it had opened an investigation into the hack, and one day later, the FBI confirmed that it was launching an investigation of its own.

How did these accounts get hacked?
At this time, Twitter's investigation is still ongoing, and there is little in the way of definitive information. With respect to the hack itself, here's what the company has confirmed so far:

A few of its employees were targeted in a social engineering attack because of their access to “internal systems and tools.”
The hackers were able to “take control” of verified and high-profile Twitter accounts, and posted the scam tweets “on their behalf.”
In the wake of the hack, Twitter has taken steps to restrict access to the aforementioned internal systems and tools, at least for the duration of the investigation.
The @TwitterSupport account has been largely quiet since providing those statements, but it's crucial to note that some news reports published in the wake of the hack are at odds with Twitter's official story.
As noted, Twitter stated that some of its employees fell prey to a social engineering attack. According to unnamed sources who supposedly took over some of the accounts themselves, hackers bribed at least one Twitter staff member for access to powerful platform controls.
Motherboard's interview revealed the existence of a control panel that certain Twitter employees have access to, which allows them to, among other things, alter the e-mail addresses connected to particular Twitter accounts. By altering information associated with some of those prominent accounts, the hackers were able to temporarily transfer ownership to themselves.
