Massive Twitter Hack Hijacked Big Name Verified User Accounts For Bitcoin Fraud–Biden, Obama, Kanye, Musk, Gates, And More Affected
Twitter is under fire for its slow response to a hack that took control over some prominent verified user accounts with a reach of over 300 million users.
Hackers managed to gain control of employee credentials and used them to hijack the accounts of prominent politicians, celebrities, wealthy philanthropists, and even the official Twitter accounts of some companies. The biggest names that were hacked include Barack Obama, Joe Biden, Elon Musk, Bill Gates, Jeff Bezos, Kanye West, Kim Kardashian, Michael Bloomberg, Apple, and Uber.
It took Twitter five hours to get a handle on the incident. Initially, verified users were unable to tweet or log in to their accounts.
The hackers posted similar messages to each of the accounts that said that as an act of “giving back to the community” during the pandemic if someone sends Bitcoin, he would return it double–for example if $1,000 in Bitcoin was sent, $2,000 will be returned.
Biden’s message looked like this:
In a series of tweets, the company said: “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
The hackers then “used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf.”
The company statements confirmed the fears of security experts that the service itself – rather than users – had been compromised.
Source: Reuters
When all was said and done, 400 Bitcoin transfers were made with a combined value of $120,000. Twitter stock dropped as much as 4 percent in after-hours trading as confidence in the security of the platform was shaken.
The hack has raised a number of questions about security and possible election interference since the user accounts that were targeted included the former President and the current Democratic nominee.
While the motives and source of the attack are not yet known, the coordinated hijacking of the verified communications streams of world leaders, celebrities and major corporate accounts was a frightening prospect. Twitter has become a de facto wire service for the world and is used for official communications by governments during emergencies; a hack on the scale of Wednesday’s attack could have been more disruptive or even dangerous.
“The amount of damage this could cause is very high,” said Douglas Schmidt, a computer science professor at Vanderbilt University. “These people could hold information gleaned from the hack for ransom in the future.”
Source: The Guardian
The messages sent out were to trick people into sending Bitcoin, but that might not be the end of it.
An even worse scenario was that the bitcoin fraud was a distraction for more serious hacking, such as harvesting the direct messages of the account holders.
Twitter said it was not yet certain what the hackers may have done beyond sending the bitcoin messages.
“We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” the company said.
Source: Reuters
Senator Josh Hawley(R-MO) sent a letter to Twitter’s CEO Jack Dorsey urging him to contact the FBI to investigate the hack.
Sen. Hawley wrote, “I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself. As you know, millions of your users rely on your service not just to tweet publicly but also to communicate privately through your direct message service. A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security. Please reach out immediately to the Department of Justice and the Federal Bureau of Investigation and take any necessary measures to secure the site before this breach expands.”
He then had several questions for Dorsey regarding the breach and what measures Twitter takes to ensure security for the user base. Sen. Hawley also asked if the security of the President’s Twitter account had been threatened.
Motherboard is now reporting that the hackers managed to get a Twitter insider to get control of the accounts.
“We used a rep that literally done all the work for us,” one of the sources told Motherboard. The second source added they paid the Twitter insider. Motherboard granted the sources anonymity to speak candidly about a security incident. A Twitter spokesperson told Motherboard that the company is still investigating whether the employee hijacked the accounts themselves or gave hackers access to the tool.
The accounts were taken over using an internal tool at Twitter, according to the sources, as well as screenshots of the tool obtained by Motherboard. One of the screenshots shows the panel and the account of Binance; Binance is one of the accounts that hackers took over today. According to screenshots seen by Motherboard, at least some of the accounts appear to have been compromised by changing the email address associated with them using the tool.
In all, four sources close to or inside the underground hacking community provided Motherboard with screenshots of the user tool. Two sources said the Twitter panel was also used to change ownership of some so-called OG accounts—accounts that have a handle consisting of only one or two characters—as well as facilitating the tweeting of the cryptocurrency scams from the high profile accounts.
Source: Motherboard
Here are the screenshots of the panel for the Binance account:
Here is the other Twitter panel that has some interesting tags on it including “Bounced,” “Inactive,” “Perm Suspended,” “Suspended, “Protected,” “Inactive,” “Compromised,” “Trends Blacklist,” “Search Blacklist,” and “Read Only.”
Wow. Does this mean that the claim that conservatives have been making for years that Twitter blacklists and shadow-bans users is accurate? It sure looks that way.
Ouch.
That’s not a good thing to get out as Twitter users are fleeing to other platforms after they decided to “fact check” the President’s tweets.
It wasn’t a good day for Twitter, but for a brief, shining moment, the non-verified users had free reign of the site, and it was a much better place.
https://twitter.com/iowahawkblog/status/1283542536477433863?s=20
I will remember it always and cherish that brief moment where Twitter was actually pleasant for users.