Yesterday's massive hack of dozens of prominent Twitter accounts appears to have been carried out by someone with internal access, the social media company announced last night (July 15)
"We have detected what appears to be a coordinated social engineering attack targeting some employees with access to internal systems and tools," the Twitter support account posted
"We know they used this access to control a number of high-profile accounts (including authenticated accounts) and tweet on their behalf," Twitter support added" We are looking into other malicious activity they may have done and information they may have accessed, and we will share more here as we get it"
Joseph Cox of Vice News went further and said it could have been an inside job He spoke to two unnamed hackers who said they paid Twitter staff to do "all the work for us" However, it is not yet clear whether the alleged traitors gave the hackers access to administrative tools or whether they actually hijacked the accounts
TechCrunch's Zack Whittaker said unnamed sources told him that all the activity yesterday was the work of a single hacker using the name "Kirk"
Kirk was apparently using Twitter management tools to steal and sell desirable Twitter handles, but yesterday he discovered that he could make a lot more money by dragging high-profile accounts into a simple bitcoin double-dealing scam
The main bitcoin account advertised in yesterday's hack earned about 129 bitcoins, or about $117,000
Various screenshots flying around the Internet late yesterday claimed to show Twitter's back-end management interface; as with anonymous statements to Vice and TechCrunch, none could be confirmed
"The attack that happened yesterday is probably one of the worst security incidents on Twitter"
"We have seen breaches of high-profile accounts used to post cryptocurrency-related scams in the past, but they pale in comparison to this incident [Insider attacks are the worst case scenario for any online company This is because administrator interfaces often allow a "god mode" that bypasses security and privacy restrictions But it would certainly explain why so many high-profile accounts, even those with special security measures, were breached in such a short period of time
"If the attackers knew who had access to the inner workings of Twitter, that's pretty scary," opined Simon Sherwood of The Register 'If it was a broader attack, it suggests that Twitter's phishing defenses might need some improvement If it was an inside job, Twitter has a major trust and classification problem"
The only saving grace so far is that the intruder did nothing more with the hijacked account and instead stayed with the run-of-the-mill bitcoin scam
As noted by online observers, they used Elon Musk's account to raise or lower Tesla stock, used Joe Biden's account to announce a fake Democratic presidential platform change, and used Apple's account to fake gadgets to advertising the gadget
In case you're wondering about Twitter's chief executive, a source told The New York Times that President Donald Trump's account, temporarily deleted by an angry Twitter staffer in 2017, was uniquely form of ultra-secure protection, he said
There is still a risk that this whole incident was a smokescreen for something bigger By accessing Twitter's God Mode, an intruder could presumably gain access to the direct messages of the famous account and all the important secrets contained therein
Twitter CEO Jack Dorsey commented on the incident last night, saying, "We all feel terrible that this happened "
One of the most frightening aspects of the mass Twitter hack is that the intruder broke into an account protected by two-factor authentication (2FA) 2FA is a system that allows account users to log in from a previously unused device by adding information about the device they have The 2FA is a request to add the information of the device that the user has when logging in from a device that was not used before
2FA makes it much more difficult for an attacker to hijack an account, even with a password However, antivirus company Kaspersky tweeted an additional security feature of Twitter that we were unaware of
It is unclear whether this feature will withstand attackers gaining control of Twitter's administrative tools, but it is an additional layer of protection that is nice to have
Comments