The dust is still settling after yesterday’s massive Twitter hack, and there are numerous questions that still need to be answered. While Twitter’s initial response blamed hackers targeting employees with phishing attacks, some reports claim the hackers had someone on the inside who was paid to provide access to Twitter’s previously unknown administrative tools.
The hack began in the mid-afternoon on July 15th, targeting some of the most notable accounts on the service. Accounts belonging to Joe Biden, Elon Musk, Bill Gates, Apple, Uber, and others tweeted a promise to double any Bitcoin sent to a crypto address. With millions of highly engaged followers, at least some people were bound to fall for the scam, and fall for it they did.
As of this writing, the address listed in the tweets has taken in 12.86 Bitcoins with a current street value of more than $117,000. The perpetrators have transferred almost all the cryptocurrency out of the wallet in more than 300 small batches. By passing it through other anonymous wallets, the hackers can make the funds nigh impossible to track. All those transaction fees probably ate into the take, but that’s not bad for an afternoon’s work.
Twitter’s only statement on the nature of the hack came in the immediate aftermath when it called it a “coordinated social engineering attack.” That makes it sound like Twitter employees were phished by the attackers, who then used that access to manipulate accounts via the internal tool. However, Vice has sources who say a Twitter employee was personally involved in the attack. “We used a rep that literally done all the work for us,” said one of the people allegedly involved. Another source claims they paid a Twitter employee for access.
Twitter is still investigating the incident but notes that it has restricted access to the administrative tool used to hijack the accounts. Screenshots of the admin panel show just how much access Twitter employees have to user accounts. Anyone with access can view protected content, suspend accounts, and even change ownership by adding a new email address. Twitter is suspending any handle that tweets images of the sensitive internal admin panel.
There may still be more fallout to come — the hackers might have saved copies of direct messages from these high-profile accounts. The information contained within could end up being much more valuable than a few Bitcoins.
- Twitter Warns of Account Hijacking Flaw in Android App, Urges Immediate Updates
- Facebook Used Its VPN to Spy on Other Companies, Users
- No One Wants to Talk About How Completely We Were Lied to