Twitter suffered a huge attack last week. The IT community was shocked and bewildered by…
The attackers, identified shortly after the incident, used access to the internal Twitter network to change the email addresses and credentials of users of interest and take control of their accounts.
“In total, hackers tried to attack 130 accounts and 45 of them had their passwords changed”, – says the NYDFS report.
A few weeks after the incident, the Twitter administration reported that during the attack, the attackers contacted company employees by phone and tricked them into gaining access to the necessary internal support tools. According to the NYS Department of Financial Services, it took almost a day from the time of the phone call to the hack.
The attack was allegedly carried out by 17-year-old Florida resident Graham Ivan Clark aka Kirk #5270, 19-year-old Briton Mason John Sheppard, aka Chaewon, and 22-year-old Florida resident Nima Fazeli, also known as Rolex.
After lunch on July 14, the attackers called several Twitter employees and, posing as IT employees, reported problems with the VPN (a very common problem, given the number of employees working remotely). They then asked employees to enter their credentials into a form on a phishing page.
“The investigation did not find any evidence that the employees deliberately helped the hackers. With the help of employees’ personal information, the attackers managed to convince them that they are really who they say they are”, – says the report.
While some employees did report a suspicious call to Twitter’s internal anti-fraud department, at least one victim fell for the bait.
Although the first victim did not have access to the internal systems of interest to the hackers, they used her credentials to navigate the network and search for employees who had such access. On July 15, attackers attacked these employees, including those responsible for handling delicate global legal requests.
Soon after the attackers gained control of Twitter accounts (including the “original gangster” OG accounts), they began discussing selling OG usernames and demonstrating that they had access to Twitter’s internal systems.
Cybercriminals then switched to verified accounts to lend credibility to their cryptocurrency fraudulent scheme.
“Within a few hours, they attacked the accounts of cryptocurrency trader AngeloBTC, cryptocurrency exchange Binance and ten other cryptocurrency-related accounts, including Coinbase, Gemini Trust Company and Square”, – reports NYDFS.
A few hours later, hackers began to post tweets from compromised accounts, including Apple, Uber, Bill Gates, Elon Musk, Kanye West, Floyd Mayweather, Kim Kardashian, etc. As a result, they managed to steal $118 thousand in bitcoins.
The NYS Financial Services Authority found that the incident had compromised the non-public data of some users, and Twitter did not update information about the incident in a timely manner.
News-bfopeci.info is a domain that tries to force you into subscribing to its browser notifications…
News-bfugaho.info is a site that tries to force you into clik to its browser notifications…
News-bganise.info is a domain that tries to trick you into clik to its browser notifications…
News-xhijupa.com is a domain that tries to trick you into subscribing to its browser notifications…
News-xnicini.cc is a domain that tries to trick you into subscribing to its browser notifications…
News-xpafema.cc is a site that tries to trick you into subscribing to its browser notifications…