The hacker(s) even managed to get money from people who fell for the scam. Because Bitcoin transactions are traceable to an extent, you can see how much money a Bitcoin wallet address is holding. The wallet linked to the hackers shows that they managed to steal nearly $120,000 from people.
Thankfully, all of this was short-lived. Twitter’s security team regained access to the hacked accounts, and deleted all tweets related to the Bitcoin scam. For a short amount of time, the social network prevented verified accounts from tweeting as a security measure.
So what the heck happened? Twitter said that it detected “what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
What’s social engineering? It’s when someone manipulates you to extract information by masquerading as a trusted actor (such as your bank, or a friend who seems to know intimate details of your life); in this case, the target was access to Twitter’s systems.
It might not be easy to get access to Twitter’s internal tools. So hackers targeted a mole inside the company. According to a report by Vice’s Joseph Cox, who talked to sources who took over accounts, hackers got hold of Twitter’s internal admin tools, which made the task easier. Once they had access to the tool, they changed the recovery email addresses of high-profile accounts to make these handles difficult to recover, and tweeted the Bitcoin scam message. Vice’s report also notes that the attackers got hold of some coveted accounts with one- or two-character handles.
This is not the first social engineering-based incident on Twitter. In 2019, in a court case, details of two former employees of the social network spying for the Saudi regime came to the fore. In 2017, a Twitter employee briefly managed to delete President Donald Trump’s account.
This hack didn’t do much damage, but it points to the possibility of a horror show. In this instance, hackers just tweeted a Bitcoin scam. But they could’ve taken over political accounts and tweeted stuff that might’ve had far more dangerous implications than stealing a few thousand dollars.
Twitter said that it has limited access to internal tools. But wasn’t that restricted already? And since this was a social engineering attack, what’s there to prevent hackers from manipulating another Twitter employee who might have access to the tool?