A series of high-profile Twitter accounts were hijacked in a “security incident” on Wednesday. Some of the world’s richest and most influential politicians, celebrities, tech giants and companies were the subject of this massive Twitter hack.
Microsoft co-founder Bill Gates, Amazon founder Jeff Bezos, billionaire Elon Musk, reality television show star Kim Kardashian, former U.S. President Barack Obama, investor Warren Buffett, corporate accounts for Uber and Apple and several accounts of cryptocurrency-focused organizations were hijacked to spread a cryptocurrency scam. The hijacked profiles accounts had tens of millions of users. These accounts were used for pushing out tweets asking millions of followers to send money to a bitcoin address.
Source
According to cryptocurrency tracking website blockchain.com, there have been at least 363 transactions since the tweets were posted and so far, the account has received more than $118,000.
Once Twitter became aware of what happened, they “immediately locked down” hacked accounts and removed the tweets sent on their behalf. Twitter also limited functionality for all verified accounts, including those that showed no evidence of being compromised, while they investigated the issue.
Here’s the statement from Twitter,
“We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely. Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.”
Findings
As the investigation continued, Twitter said in a statement that the company detected what they believed to be “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
“We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” the company tweeted.
Twitter does not disclose on what tools the attackers accessed or how exactly the attack was carried out, but Motherboard (Tech by Vice) reported that various underground hacking circles have been sharing screenshots of an internal company admin tool allegedly used to conduct the account takeovers, potentially by resetting account email accounts and then recovering passwords.
While Twitter is consistently tweeting the updates about the security breach to keep its customers informed, this incident has put Twitter’s cybersecurity under question.