Twitter released an update saying the massive bitcoin hack that hit the accounts of billionaire Elon Musk, former US president Barack Obama and others was caused by a “spear phishing attack.”
On July 15, hackers posted tweets from several prominent, verified Twitter users’ accounts, falsely claiming that any bitcoin sent to a certain address would be paid back in double.
The scam netted the hackers 400 payments with a total value of $121,000.
“The attack on July 15, 2020, targeted a small number of employees through a phone spear phishing attack,” Twitter wrote in an update on the hack.
“A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools.
“This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” added the social media giant.
According to Twitter, “using the credentials of employee with access to these tools,” the attackers targeted 130 accounts, ultimately tweeting from 45, accessing the DM inbox of 36 and downloading the Twitter data of seven.
Twitter’s update post did not list which accounts were affected; however, figures whose accounts were targeted included Elon Musk, Barack Obama, Joe Biden, Bill Gates and Kim Kardashian.
Considered the biggest attack in Twitter’s history, the hack was apparently carried out by four young adult gamers, including a 19-year-old who lives with his mother, as a prank devoid of any ideological motivation, the New York Times reported.
Twitter is still grappling with how to respond, adding that it is not yet comfortable returning to normal operations and that it has limited access to internal tools until it feels it has properly safeguarded its backend.
“While these tools, controls, and processes are constantly being updated and improved, we are taking a hard look at how we can make them even more sophisticated,” Twitter wrote.
“We’ve significantly limited access to our internal tools and systems until we can safely resume normal operations.
“Our response times to some support needs and reports will be slower. Thank you for your patience as we work through this,” the company added.
Twitter said it was working to improve its prevention and detection of “inappropriate access” to its systems.