Twitter suffered a major hack about two weeks ago and has now said that its staff were tricked by “spear-phishing”, a targeted social-engineering attack that deceives specific people into handing over their credentials.
Twitter staff were targeted through their phones, according to a new report from the BBC. The stolen access then let the attackers tweet from celebrity Twitter accounts. Twitter has said it was “taking a hard look” at how it could improve its permissions and processes.
“The attack on July 15, 2020, targeted a small number of employees through a phone spear phishing attack. This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” Twitter wrote on Wednesday.
By obtaining employee credentials, they were able to target specific employees who had access to our account support tools. They then targeted 130 Twitter accounts – Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7.
— Twitter Support (@TwitterSupport) July 31, 2020
Twitter also said the direct messages of 36 accounts were accessed.
Recall, just days ago we reported that Twitter has had trouble controlling the number of its employees with the ability to reset user accounts. In fact, Jack Dorsey and Twitter’s board were warned about the growing problem “multiple times since 2015”, according to four former Twitter security employees and “a half dozen” other people close to the company.
The problem is so well known that contractors reportedly made a game out of creating bogus help-desk inquiries in 2017 and 2018 so they could open up celebrity accounts – giving them access to personal data and IP addresses. In other words, Twitter is stalking its users…
Recall, we reported about two weeks ago that Twitter had said 130 accounts were compromised during the hack. We also noted that the FBI had launched an official inquiry into the massive security breach, according to Reuters.
The FBI said two weeks ago: “We are aware of today’s security incident involving several Twitter accounts belonging to high profile individuals. The accounts appear to have been compromised in order to perpetuate cryptocurrency fraud.”
Twitter had initially commented that there was “no evidence that attackers accessed the passwords of its users”.
The massive hack allegedly originated from a Twitter employee with access to the company’s user management panel. The hack affected hundreds of billionaires and politicians, including Barack Obama, Joe Biden, Bill Gates, Kanye West, Elon Musk, Wiz Khalifa, Apple, Uber, Jeff Bezos and Benjamin Netanyahu.
Tweets urged people to send money to a Bitcoin address; over $113,000 was sent.
For the full details on the hack, you can read our report on it here. In addition to the hack, a subplot emerged when we reported that sources “close to or inside” the underground hacking community leaked a screenshot of what is allegedly an internal software panel used by Twitter to interact with user accounts.
The tool was said to be used to help change ownership of popular accounts and, in the case of the hack, was said to play a role in usurping the high profile accounts involved. Screenshots of the supposed internal software are being aggressively pursued and deleted from Twitter by Twitter itself, with the company claiming that they violate the platform’s rules.
Of particular interest are the buttons labeled “SEARCH BLACKLIST” and “TRENDS BLACKLIST”.
We asked earlier this month: Could these be tools actively used by Twitter to censor what Tweets and topics appear during searches and on its trends page?