- Twitter has confirmed a phone spear-phishing attack behind the July 15 bitcoin scam.
- Twitter said that the attack relied on a significant attempt to mislead certain employees and exploit human vulnerabilities to break into the system.
- Twitter said that to protect its service, it has limited access to internal tools and systems, which affects the Your Twitter Data tool among others.
Twitter on Thursday confirmed that a phone spear-phishing attack led to the hacking of dozens of high-profile accounts, which were then used to lure users into a bitcoin scam. Twitter acknowledged the hack, saying it was part of a coordinated social engineering campaign. Twitter's latest update, posted through its security account and a blog post, notes that a phone spear-phishing attack led to the scam.
Social engineering is the practice of manipulating people into giving out sensitive information or access. The attackers may or may not already have access to the company's code or systems. Phishing, including phone-based spear-phishing, is one form of social engineering.
"The attack on July 15, 2020, targeted a small number of employees through a phone spear-phishing attack. This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems," Twitter noted in a blog post.
"A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools," Twitter said.
"Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes," Twitter added.
This suggests that the attackers persuaded Twitter employees over the phone to hand over their credentials, which were then used to break into the system.
"This knowledge then enabled them to target additional employees who did have access to our account support tools," Twitter wrote. Twitter said that with the credentials of employees and with access to tools, the attackers targeted 130 Twitter accounts, tweeting from 45, accessing the DM inbox of 36, and downloading Twitter data of 7.
Twitter further said that, to protect its service, it has limited access to internal tools and systems, and that these restrictions will affect the Your Twitter Data tool. It also said, "We will be slower to respond to account support needs, reported Tweets, and applications to our developer platform. We're sorry for any delays this causes, but we believe it's a necessary precaution as we make durable changes to our processes and tooling as a result of this incident."
On the night of July 15, 136 of the most high-profile accounts, including those of Jeff Bezos, Barack Obama, Joe Biden and Elon Musk and the official accounts of Apple and Uber, were targeted. 45 of these accounts were then used to spread the bitcoin scam and fool people into donating money through a link.