Hackers used employee credentials to gain access: Twitter on Bitcoin hack

18 July, 2020 | newsx bureau

Twitter World

The Twitter mega Bitcoin hack is suspected to have compromised at least 130 accounts; Twitter examines angle of social engineering in coercing employees into divulging crucial information as it con...

Twitter said on Saturday that the recent attack on accounts of prominent figures was carried out by hackers who infiltrated the company’s internal systems using several employees’ credentials.

“The attackers successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections,” the company said in a blog post on the matter.
The social media company said that the attackers appear to have used social engineering tactics to force employees to take certain actions and divulge key information.

From initial assessments, Twitter has found that the hack compromised 130 accounts, 45 of which “the attackers were able to initiate a password reset, login to the account, and send Tweets.” Additionally, the hackers took steps to begin downloading statistics from eight of those accounts.

Also read: CCP trying to dominate global communication networks: Mike Pompeo

Also read: Following India’s lead, US Congressmen ask Trump to ban TikTok

The hack which took place on Wednesday saw Barack Obama, Joe Biden, Elon Musk and more well-known US figures lose access to their accounts. The hackers then posted messages urging users to send bitcoin to an account to receive double the amount back.

Twitter was forced to issue a blanket ban on tweeting from all verified accounts.

The New York Times reported that the attack was coordinated between four people, one of whom said he was a Twitter employee. Two of the group, from the US and UK, reached out to the paper saying their participation involved hacking lesser-known accounts with attractive usernames for later reselling and had not anticipated the scale of the attack.

The hack saw the perpetrators rake in the bitcoin equivalent of $180,000 in a matter of hours.

The Federal Bureau of Investigations has launched a probe into the attack.

The hack is the largest the company has ever experienced which may put a dent in the security reputation of what is essentially the world’s de facto wire service.

Also read: Joe Biden, Elon Musk, Bill Gates’s Twitter accounts hacked