‘Coordinated social engineering attack’: Twitter confirms employees with access to internal systems targeted in bitcoin scam hack
Twitter has said that alleged bitcoin scammers targeted some of its employees to get access to “internal systems and tools,” which they then apparently used to hack into high-profile accounts, such as Joe Biden’s.
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
— Twitter Support (@TwitterSupport) July 16, 2020
Noting that it is still investigating the circumstances behind the hack, Twitter said that it has taken “significant steps to limit access to internal systems and tools” which were compromised by the attackers. The company has gone to great lengths to stop the attack, imposing a mass lockdown not only on the affected accounts, but on the majority of blue checks as a precaution as well.
The tactics, although proven effective, caused a major disruption on the platform, as many A-listers and media organizations had to stay mute or resort to back-up options for several hours. Twitter admitted that the strategy might have caused some inconvenience, but said its bold action was needed to mitigate the impact of the breach.
“This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do,” a company spokesperson said.
As a result of the attack, scores of high-profile accounts – including those of presumptive Democratic presidential nominee Joe Biden, former US President Barack Obama, Tesla and SpaceX CEO Elon Musk, potential new presidential hopeful Kanye West – tweeted messages asking followers to send them a certain amount in bitcoin, vowing to send back twice as much – under the pretext of “giving back to the community.”
While the tweets were promptly erased from the site, scammers had reportedly already racked up over $100,000 by the time the scheme was exposed.
Twitter said it is still looking into what “other malicious activity” the hackers may have carried out, including gaining access to other information apart from the accounts’ personal data.