The hackers who got away with BTC 13.14 – worth roughly USD 146,000 – in the infamous Twitter attack on July 15, gained the access they needed by targeting Twitter employees directly through a “phone spear-phishing attack,” Twitter said.
The attackers relied on “a significant and concerted attempt to mislead” specific employees, and “exploit human vulnerabilities” to gain the access they needed to carry out the attack, the social media giant said today.
The attack, now known to be the largest hack in Twitter’s history, made headlines across the world earlier in July as celebrities like Barack Obama, Bill Gates, Elon Musk, and Michael Bloomberg all had their accounts compromised, with the hackers posting tweets where they asked followers to send them BTC.
Sharing the latest information from its internal investigation, Twitter said that the attackers managed to obtain credentials from the employees they targeted, thus getting access to the company’s account support tools, which, in turn, provided direct access to 130 Twitter accounts.
By obtaining employee credentials, they were able to target specific employees who had access to our account support tools. They then targeted 130 Twitter accounts – Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7.
— Twitter Support (@TwitterSupport) July 31, 2020
In response to the finding that attackers managed to mislead Twitter employees to give them the access they needed, Twitter said that they are now “taking a hard look” at how account support tools can be made “more sophisticated.” Further, it also said that access to internal tools have been made “significantly limited” to ensure a similar incident does not happen again.
The sophisticated spear-phishing attack that targeted Twitter should also be a learning lesson for the crypto community, which has previously been plagued with phishing attempts in the form of fake websites of exchanges, phone scams, and email phishing attempts.
As previously reported by Our, phishing attacks are particularly prevalent in the crypto world, as unlike bank transactions, transactions made with cryptocurrency are almost impossible to reverse.
What typically happens is that scammers will send out emails from addresses that closely resemble legitimate addresses from crypto wallets or exchanges, usually changing only one letter in the address. This email will inform users of supposed malicious login attempts and urge the recipients to use the links contained therein to change their account information on the platform. Once the user inputs login information through the compromised link, hackers gain access to the user’s account, enabling them to get away with any cryptoasset that is held there.
Twitter Hack Victims Face New Personal Data Breech Threats
The Twitter Hacks and Battles of Plato, Socrates and Aristotle