Last night Twitter verified accounts were hacked, these accounts included those of prominent international figures and companies Barack Obama, Elon Musk, Jeff Bezos, Joe Biden, Uber and more. The hack left the following post (which had a link):
Twitter moved to remove the tweets and suspended some functionality to verified accounts.
The initial wave of attacks was first aimed at cryptocurrency sites that were posting:
“We have partnered with CryptoForHealth and are giving back 5000 BTC to the community,”
The post was then ended by a link to a website. The link was then put offline according to the CEO of Namesilo, the domain registrar the hackers were using.
At first the accounts attacked were able to quickly delete the tweets. Many verified accounts were unable to post tweets after the hack tweets were deleted. Twitter then responded by with the following:
Twitter said the investigation is ongoing and that they detected what they believe to be a coordinated “social engineering” attack by individuals who were able to successfully target Twitter employees with access to internal systems and tools.
How were they able to do this?
Well… According to Tech Crunch they spoke with someone in the “underground hacking” scene and the source said that the hacker was able to get access to an internal admin Twitter tool that resets the email addresses of accounts.
When the email was reset it then made it difficult for the owners to access their accounts. The hacker(s) according Tech Crunch’s source may have gotten away with an estimated US$100 000 within hours.
What is being done about it?
In a tweet Twitter said that they are taking significant steps to limit access to internal systems and tools. The investigation is ongoing and more will follow. Twitter has also locked accounts that were compromised and will restore them to the original owner, and they are aiming to do so securely.