Twitter accounts hacked (July 15, 2020)

[German]Hackers managed to trick Twitter employees on Wednesday and take over tens of thousands of high-profile Twitter accounts (Joe Biden, Elon Musk, Bill Gates, Barack Obama, Uber and Apple) via their dashboard or an internal tool. This was then used for scams involving crypto-currencies.


Advertising

I became aware of the problem via Twitter – both Twitter and other security researchers reported the hack.

Prominent Twitter accounts ask for 1,000 US $

On Wednesday, high-profile accounts, including those of Joe Biden, Elon Musk, Bill Gates, Barack Obama, Uber and Apple, suddenly tweeted about crypto-currencies. A wave of tweets was to be used for crypto-currency scams.

(Source: Twitter)


Advertising

The message : 'send me 1.000 US $ and you will get 2.000 $ back' was shown. Obviously a hack to take over the account has taken place.

It was probably an Insider job

Looks like it was an inside job. Vice reports here that a Twitter insider, according to leaked screenshots viewed by Motherboard and two sources, was responsible for the account takeover. "We used a representative who literally did all the work for us," one of the sources told Motherboard. The second source added that they paid the Twitter insider.

Motherboard granted anonymity to the sources to talk openly about a security incident. A Twitter spokesperson told Motherboard that the company is still investigating whether the employee hijacked the accounts himself or gave hackers access to the tool.

According to sources, the accounts were hijacked using an internal tool on Twitter. Screenshots of the tool that Motherboard has seen confirm this. One of the screenshots shows the panel and the account from Binance. Binance is one of the accounts that was taken over by hackers today. According to the screenshots, at least some of the accounts seem to have been compromised by changing the email addresses associated with them using the tool.

Twitter still investigating – tweeting possible again

Currently, Twitter is still investigating the incident and had set a block on posting tweets. However, most Twitter accounts are now allowed to post again. One more thing: Twitter has deleted some screenshots of the dashboard and suspended users who tweeted them, claiming that the tweets violate the rules.


Advertising

This entry was posted in Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).