The past couple of days have been terrible for Twitter users as a coordinated cyberattack occurred. The attackers hacked various high profile verified Twitter accounts to promote crypto scams. The affected accounts belonged to tech giants like Apple and Uber, and people like Elon Musk, Bill Gates, and more.
Numerous Verified Twitter Accounts Hacked
Recently, numerous verified Twitter accounts suffered a hacking attack as the scammers exploited them to promote crypto scams. The affected accounts belonged to top organizations, entrepreneurs, and celebrities.
It all remained unnoticed until the hijacked accounts started tweeting about cryptocurrency giveaways.
For now, the following accounts have been identified to have suffered the incident (though, there could be more).
- Bill Gates
- Jeff Bezos
- Elon Musk
- Barack Obama
- Joe Biden
- Warren Buffet
- Mike Bloomberg
- Apple
- Uber
- Binance
- Bitcoin
- Gemini
- CoinDesk
- Kanye West
- Kim Kardashian
- Wiz Khalifa
- Floyd Mayweather
Since the affected accounts were verified and official, people believed in those tweets. As a result, it turns out that the attackers racked up over $100,000 via the given bitcoin addresses.
Twitters Continues Investigations Revealing Insights
After the matter caught Twitter’s attention, they swiftly contained the attack whilst disclosing the matter.
We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.
— Twitter Support (@TwitterSupport) July 15, 2020
As they continued with the investigations, they kept everyone informed by sharing various tweets via TwitterSupport.
Since July 16, 2020, they have been investigating the matter besides restoring the affecting accounts to the original users. Recently, they have shared a post summing up all they have found.
In brief, they found that the attackers managed to infiltrate Twitter’s internal system by hacking employee accounts via social engineering. They could even bypass their two-factor protections.
Regarding the hijacked accounts, Twitter stated,
As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets.
Whereas for 8 other accounts, not publicly disclosed by Twitter, the attackers also downloaded the account information.
As for the remediation, Twitter hasn’t disclosed anything explicitly. But they have highlighted a few steps that they took to restore the compromised accounts.
We took preemptive measures to restrict functionality for many accounts on Twitter – this included things like preventing them from Tweeting or changing passwords…
We also locked accounts where a password had been recently changed out of an abundance of caution.
Besides account restoration, Twitter has also mentioned about strengthening their security to prevent attacks as their future steps.
Users can continue following the TwitterSupport account to know the latest updates.