The biggest Twitter hack allowed attackers to tweet on behalf of Elon Musk, Joe Biden, Bill Gates, and other V.I.P users
The 16th of July, 2020 seems to be the worst day for Twitter, the most popular American microblogging and social networking platform. At approximately 4 pm San Francisco time, Twitter accounts belonging to V.I.P. clients, including Joe Biden, Bill Gates, Elon Musk, Apple, Barack Obama, Kanye West, Kim Kardashian, Mike Bloomberg, and Uber, were compromised[1].
I am giving back to the community.
All Bitcoins sent to the address below will be sent back doubled! If you’ll send $1,000, I will send back $2,000. Only doing this for 30 minutes.
All of the Twitter-approved official accounts of politicians, businessmen, and celebrities shared the same fake tweet inviting followers to send Bitcoins and get back double. Since Twitter has over 330 million[2] active users who actively follow the hacked accounts mentioned above, the link provided in the fake Twitter messages received hundreds of reactions. Moreover, the publicly available blockchain record revealed that the link received over $100,000.
Twitter employees targeted by a coordinated social engineering attack
The Twitter hack was revealed approximately an hour after the fake tweets were posted. The company was quick to remove the Bitcoin scam messages from most of the accounts. However, some of them were re-tweeted soon after that. In response, Twitter blocked the compromised accounts and officially acknowledged the so-called “global security crisis.” The chief executive Jack Dorsey[3] tweeted on his official account:
Tough day for us at Twitter. We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
In order to regain control, Twitter restricted certain features for users, including tweeting and password resets, while the investigation was taking place. The services were restored at around 8:30 pm on Wednesday.
Afterward, the tweets from Jack Dorsey and official Twitter accounts[4] were regularly supplemented with new details of the investigation. As Dorsey pointed out, the breach was initiated via Twitter’s internal system after the accounts of several employees were compromised.
A so-called coordinated social engineering attack was used against Twitter employees to extract the credentials of their accounts. The exact method used for the hack hasn’t been disclosed yet. Nevertheless, there is speculation that the hack couldn’t have happened without a Twitter employee acting as a partner in crime with the hackers.
What’s the motive? Money extortion, a political game, or a check on cybersecurity?
At the moment, neither the criminals nor their motives are clear. The Internet is buzzing with speculation about whether the attackers’ motive was money. Bitcoin scams are a technique that criminals have used for many years due to its effectiveness and anonymity[5].
However, other critics have expressed suspicions that the biggest Twitter hack was initiated by international hackers, possibly from Russia, China, North Korea, or Iran[6], for political reasons. Bearing in mind that the breach targeted figures like Joe Biden, Barack Obama, Elon Musk, and others who announce major policy and tech decisions daily, such a presumption makes sense.
The Republican Senator Josh Hawley[7] contacted Twitter with an official request to confirm that President Trump’s account had not been hacked during the incident. Officials have declared that the biggest breach in Twitter’s history did not affect Mr. Trump’s account, as it has been lock-and-key protected for additional security.
Twitter’s team is currently investigating the breach. On the 17th of July, the Twitter Support site published another apology message, though no technical details on how the incident happened and what consequences it had for the compromised accounts have yet been provided.
Thank you for your continued patience and understanding while we investigate this incident. We’ll continue to provide updates when we have them.
The company also urged users to be cautious and treat money-related tweets with extreme care. Although the gathered evidence indicates that the attack was aimed at the company rather than at individual users, fully trusting content on social media networks is not recommended for the sake of security.