The series of influential Twitter account hacks reveals its first possible explanations. An employee of the social network would have contributed to the cyber attack.
On Wednesday, July 15 from 10 p.m., Twitter had one of the worst days in its history. In 14 years, the social network with the blue bird had never known such a scenario: in the space of 30 minutes, more than a dozen accounts among the most influential of tech, politics and the world cryptocurrencies have been taken over by a person or group of malicious people.
Elon Musk, Jeff Bezos, Barack Obama, Bill Gates, but also Apple, Uber and crypto accounts like Bitcoin and Binance posted a tweet sharing a Bitcoin scam, targeting everyone’s community to pay them a sum of money. money in cryptocurrency. It took more than an hour and a half before the first strong measures were taken by Twitter, which in the meantime has given itself the unique skill of quickly removing the tweets of scams appearing every minute.
What happened ? First tracks
In the early morning in France, the Twitter support account delivered its latest information: overnight, the accounts of certified users (Presse-citron was one of them) were blocked: they could no longer tweet or change their password. A measure to prevent malicious people from being able to carry out their actions.
At the same time, tech specialists at the Vice news site revealed the first tracks of the technique used and the perpetrators of the attack. According to two sources, “the hackers convinced a Twitter employee to help them hijack the accounts.” They are believed to have been members of the attack who reported on the testimony service of the Canadian news site.
“We used a representative who literally did all the work for us,” she said. On Twitter, the information confirmed that a person had indeed had access to a management tool – internal to Twitter – and which would have been used to take control of the various accounts. Vice was also able to get screenshots of the same tool, and the photos posted on Twitter were quickly deleted by the social network for violation of the rules.
As we said yesterday, the attack was therefore not carried out on a case-by-case basis. The malicious person (s) would have used this internal tool, a real panel allowing to take control over the different accounts. At present, it remains to be seen whether the organization of this attack would have been solely orchestrated by the employee on Twitter, or whether this person inside the company would have been paid to help the real hackers.
Twitter confirms internal track
A few minutes after the Vice article was published, Twitter confirmed the trail: “We have detected what we think is a social engineering attack coordinated by people who have successfully targeted some of our employees with access to systems and internal tools ”.
The social network with the blue bird spoke on its support account, explaining that during their investigation, his team had taken “important measures to limit access to internal systems and tools”.
Almost 12 hours after the start of this unprecedented attack on Twitter, the villains managed to get almost 12.9 BTC, the equivalent of more than € 100,000. According to figures from Blockchain.com, the BTC (unique) address published in the various scam tweets identified 376 transactions, a score that could have been much higher if the tweets had stayed longer.
I am sorry that this post was not useful for you!
Let me improve this post!
Tell me how i can improve this post?