At the beginning of this week, a group of DDoSecrets activists (Distributed Denial of Secrets),…
For most of these accounts was turned on two-factor authentication, which did not stop hackers, however, there is an assumption that some accounts disabled 2FA after a known scandal and did not include protection.
Messages from hackers promised huge profits to users (if they first send a few bitcoins to the specified address). Fraudsters acted according to the classical scam scheme: they asked to send them a small amount of cryptocurrency, promising to double and return any amount received.
“Although the real account owners and social network employees tried to delete these messages, they immediately appeared again”, — reports Bleeping Computer.
Paradoxically, even in 2020, many people who believed that Bill Gates, Elon Musk and other well-known companies and personalities suddenly began to distribute bitcoins. Since the same messages and the same bitcoin wallet were used for all hacked accounts, you can see that the scammers “earned” about 13 BTC, that is, about $120,000.
Remains unclear, how Twitter suffered such a massive attack.
“At night, the company’s specialists were forced to disable the ability to write messages for all verified accounts with a blue “checkmark” for several hours, as well as prohibit resetting passwords and a number of other functions”, – report in BleepingComputer.
Currently, many accounts may still experience blockages. Also, at some point, the social network began to automatically delete messages containing the purse address of the attackers, and any messages similar in structure to a scam message (several jokers posting parodies of these messages were blocked).
The head of Twitter, Jack Dorsey, reports that the investigation will be as transparent as possible.
“Tough day for us at Twitter. We all feel terrible that this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened“, – wrote Jack Dorsey.
Currently, the preliminary results of the investigation are the followig. Twitter officially reports that at the root of the incident lies a coordinated attack on company employees using social engineering. As a result, attackers were able to gain access to unnamed internal systems and tools, which they used, taking control of many popular accounts.
This is fully consistent with the most popular among information security experts theory. The fact is that at night there were reports on the network that hackers reached the Twitter admin panel, and Twitter employees, which only increased the experts’ suspicions, almost instantly deleted these messages with screenshots.
As a result, in an effort to reduce risks, Twitter engineers went to the extreme measure, which they themselves called “destructive” and proactively blocked a huge cluster of accounts (which were not even attacked at first glance), restricting publications and other functions for them. The owners are promised to regain access to these accounts as soon as it becomes clear that they are safe and the threat is eliminated.
The company claims that it has already taken measures to limit access to internal systems and tools, but the investigation is still ongoing and it is extremely far from completion. It is also mentioned that the company carefully checks, to what data other user information crackers could gain access (for example, private messages, pending and saved tweets).
It is worth noting that some information security experts are already writing that the attack was probably not as simple as it seems at first glance. After all, gaining access at such a level and “spending” it on a fake distribution of cryptocurrency, which brought a little more than one hundred thousand dollars, is a rather strange step for hackers: in theory, such access could be sold for millions. Therefore, many believe that the real purpose of this campaign could probably be, for example, data theft.
However, other experts say that everything is possible, and some criminals are simply not too smart.
“Sometimes hackers come across valuable access they don’t know how to properly monetize. Just because they only made $ 100k from having access to almost every Twitter account doesn’t necessarily mean there’s a deeper hidden motive. Some hackers just aren’t creative”, – comment on the situation at MalwareTech.
By the way, let me remind you that there were cases when the company itself was rather careless in handling user data.
Kabatibly.co.in is a domain that tries to force you into clik to its browser notifications…
Reditarcet.co.in is a site that tries to force you into subscribing to its browser notifications…
Everestpeak.top is a domain that tries to trick you into subscribing to its browser notifications…
Firm-jawed.yachts is a domain that tries to trick you into subscribing to its browser notifications…
Anapurnatop.top is a domain that tries to trick you into subscribing to its browser notifications…
Boomira.com is a domain that tries to force you into clik to its browser notifications…