Twitter on Thursday shared further details of the high-profile cyber attack on the platform as part of an alleged cryptocurrency scam.
Earlier on Thursday, hackers had gained access to multiple high-profile accounts, including Joe Biden, Barack Obama, Jeff Bezos, Elon Musk, Bill Gates, Uber and Apple.
Twitter believes that this was a “social engineering attack.” The company believes the hackers had targeted employees with access to internal systems and tools.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter said from its official support account.
“We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” it said.
Accounts locked
Twitter has locked the verified accounts that were impacted. It will give back the account assess once it is sure that the accounts are secure. Previously, it had limited certain functionalities of all the verified accounts, including the ability to tweet and reset their password.
“We have locked accounts that were compromised and will restore access to the original account owners only when we are certain we can do so securely,” Twitter said.
“Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers. We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this,” it said.
“This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do,” it added.
The microblogging platform has also taken “significant steps” to limit access to internal systems and tools during its investigation.
According to a report by Motherboard , the hackers claimed that they had paid a Twitter insider to carry out the attack. A Twitter spokesperson told Motherboard that they were investigating if the hackers had hijacked the accounts themselves or if it was done by an employee.
Prior to hijacking these accounts, hackers had also targeted popular accounts related to cryptocurrency.
Tweets asking followers to send bitcoins to a specific address were posted from this account. The original bitcoin address shared with the tweets had collected bitcoins worth over $1 lakh, according to a TechCrunch report.
More Like This
Published on July 16, 2020
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.