This past week, Twitter published an update on the attack its platform suffered a few weeks ago, in which an individual or group hijacked a number of high-profile accounts and posted tweets from them.
The attack itself occurred on July 15th and resulted in tweets from accounts including former President Barack Obama, Democratic presidential candidate Joe Biden, Tesla and SpaceX CEO Elon Musk, Microsoft co-founder Bill Gates and others. The tweets asked users to send $1,000 to a Bitcoin address, promising that $2,000 would be sent back. A significant number of people did fall for the scheme: the address received cryptocurrency worth almost $120,000, according to what is recorded on the blockchain. There may also have been motives beyond money, including political ones, since the compromised accounts held sensitive information.
Twitter has more than 300 million users, and the targeted accounts reach an enormous audience. The fact that all of them belonged to well-respected public figures may also have swayed people on the fence into falling for the scheme.
The company now categorizes the hack as a phone "spear phishing attack" that targeted Twitter's employees. In other words, the attackers got into the site's internal systems because employees, believing they were speaking with someone entitled to the information, handed over credentials over the phone. The attacker therefore most likely impersonated a trusted party and was not caught doing so.
The company has not said exactly which tool the attackers accessed or issued full details about how the attack was carried out, but screenshots of the tool have circulated online since the hack. The tool is used to reset the email address on an account and recover the account's password.
There have also been several reports maintaining that a Twitter employee was paid by the hackers to change the email addresses of the targeted accounts, which would then have given the hackers access.
Prior to this announcement, which was made on Twitter's blog and in a series of tweets, the company had simply maintained that its tools had been compromised in some way. In a tweet from the company's support account it asserted, "This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems."
The attackers first obtained credentials from employees who did not themselves have access to the account-support tools, then used that foothold to target other employees who did. From there, 130 accounts were targeted and 45 actually sent out tweets. The attackers accessed the direct message inboxes of 36 of the accounts, and 7 accounts had their "Your Twitter Data" archive downloaded.
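The attack chain above is the kind of activity an internal audit log should catch: a single operator using the support tool to change the email address on several verified accounts within a few minutes. The following Python script is an added example, not code from the original article or from Twitter, that runs a sliding-window burst check over constructed audit-log lines from a hypothetical account-support tool. The log schema (operator, action, target, verified), the action names, the 15-minute window and the threshold are all assumptions for illustration.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit log (JSON lines). The field names and action names
# are assumptions for this example; they are not Twitter's real schema.
SAMPLE_LOG = """
{"ts": "2020-07-15T20:00:05Z", "operator": "op-17", "action": "email_reset", "target": "acct-001", "verified": false}
{"ts": "2020-07-15T20:02:11Z", "operator": "op-17", "action": "email_reset", "target": "acct-002", "verified": false}
{"ts": "2020-07-15T20:40:00Z", "operator": "op-42", "action": "email_reset", "target": "acct-100", "verified": true}
{"ts": "2020-07-15T20:41:30Z", "operator": "op-42", "action": "email_reset", "target": "acct-101", "verified": true}
{"ts": "2020-07-15T20:43:02Z", "operator": "op-42", "action": "email_reset", "target": "acct-102", "verified": true}
{"ts": "2020-07-15T20:44:50Z", "operator": "op-42", "action": "email_reset", "target": "acct-103", "verified": true}
{"ts": "2020-07-15T20:45:10Z", "operator": "op-42", "action": "password_reset", "target": "acct-103", "verified": true}
{"ts": "2020-07-15T23:00:00Z", "operator": "op-42", "action": "email_reset", "target": "acct-104", "verified": true}
"""

# Actions that hand control of an account to whoever now owns the recovery email.
SENSITIVE_ACTIONS = {"email_reset", "password_reset"}
WINDOW = timedelta(minutes=15)
# More than this many sensitive changes to verified accounts by one operator
# inside WINDOW raises an alert. Threshold is an assumed tuning value.
MAX_VERIFIED_CHANGES = 2


def parse_events(text):
    """Parse JSON-lines audit records and return them sorted by timestamp."""
    events = []
    for line in text.strip().splitlines():
        line = line.strip()
        if not line:
            continue
        event = json.loads(line)
        event["ts"] = datetime.strptime(event["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(event)
    events.sort(key=lambda e: e["ts"])
    return events


def detect_bursts(events, window=WINDOW, threshold=MAX_VERIFIED_CHANGES):
    """Sliding-window check per operator.

    Keeps, for each operator, the sensitive verified-account changes seen in
    the last `window`. One alert is emitted at the moment the count first
    exceeds `threshold`; later events in the same burst do not re-alert.
    """
    recent = defaultdict(deque)
    alerts = []
    for event in events:
        if event["action"] not in SENSITIVE_ACTIONS or not event.get("verified"):
            continue
        queue = recent[event["operator"]]
        queue.append(event)
        # Drop events that fell out of the window.
        while queue and event["ts"] - queue[0]["ts"] > window:
            queue.popleft()
        if len(queue) == threshold + 1:
            alerts.append({
                "operator": event["operator"],
                "window_start": queue[0]["ts"],
                "window_end": event["ts"],
                "count": len(queue),
                "targets": [e["target"] for e in queue],
            })
    return alerts


def run_detection(log_text=SAMPLE_LOG):
    """Parse the log and return the list of burst alerts."""
    return detect_bursts(parse_events(log_text))


if __name__ == "__main__":
    for alert in run_detection():
        print(f"ALERT operator={alert['operator']} "
              f"{alert['count']} verified-account changes between "
              f"{alert['window_start']:%H:%M:%S} and {alert['window_end']:%H:%M:%S}: "
              f"{', '.join(alert['targets'])}")
```

On the constructed log the script produces a single alert for `op-42`, covering the three email resets on verified accounts between 20:40:00 and 20:43:02; the two resets by `op-17` on unverified accounts and the isolated reset at 23:00 fall under the threshold. Detection like this is a backstop, not a substitute for the preventive control: email or password changes on verified accounts should require a second operator's approval in the tool itself, so a single phished credential cannot complete the action.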
Directly following the phishing attack, the company locked accounts and disabled features for a large number of users. The offending tweets were deleted, and verified accounts were temporarily prevented from tweeting. Most of these features have since been restored, but the "Your Twitter Data" download feature remains unavailable. The company has also limited employee access to the internal tools as a precaution while it works on improving security in this area, which may mean slower support response times for the immediate future.
It is fortunate that things were not worse than they turned out to be. These revelations come just as lawmakers were questioning representatives from other big tech companies, Google, Facebook, Apple, and Amazon, about their own business practices. Security and privacy remain deep concerns at each of these companies, and this incident is another example of what can happen when not enough emphasis is placed on them.
Inevitably, there will be more news about both this investigation and about Twitter hardening its security and perhaps scrutinizing its own employees. A similar breach during the upcoming presidential election would have serious implications, so clamping down now is a top priority for the social networking giant. The FBI is continuing its investigation.