Twitter reveals that users’ private data has been downloaded by hackers
The social networking site Twitter has confirmed that hackers used the same tools designed to be used only by company employees to hack into the accounts of several celebrities this week.
The hackers took control of the accounts of US presidential candidate Joe Biden, TV star Kim Kardashian, former US President Barack Obama, SpaceX CEO Elon Musk, the world’s richest man Jeff Bezos and Microsoft founder Bill Gates. Had taken over
Twitter also said that the hackers had downloaded the data of 8 accounts, whose identities were not revealed but it was said that they were not verified, meaning that the accounts of important people were protected from it.
However, hackers could use your Twitter data download to gain access to private direct messages, contacts, blocked or muted account details and more.
The New York Times reports that hackers gained access to the tools through Twitter’s internal Slack messaging channel, a service that companies use as an alternative to e-mail.
According to the report, at least two people involved in the operation were from the UK.
According to Twitter, a total of 130 accounts were targeted, of which hackers managed to change the passwords of 45 and gain control.
How did the attack happen?
The attackers targeted specific employees of the company through a social engineering scheme and gained access to classified information, Twitter said.
The company said it could possibly view additional information, including direct messages.
Personal messages from Kim Kardashian, her husband Kanye West or Elon Musk can be valuable in dark web forums, as can messages from presidential candidates Joe Biden or former New York Mayor Michael Bloomberg.
The company is in direct contact with affected people, while the process of restoring access to other users whose accounts were still locked out is underway, the statement said.
What happened during the hacking?
On July 15, bitcoin-related accounts began tweeting what appeared to be a bitcoin fraud, promising people to double the amount of a bitcoin sent to their address.
Then the same messages appeared on the accounts of important personalities such as Barack Obama, Kanye West and Joe Biden.
Following the attack, Twitter temporarily barred all verified users from tweeting, but US President Donald Trump was one of the few key Twitter users to survive the attack.
There is speculation that this was due to the additional protection provided to President Trump in 2017 after a Twitter employee suspended his account on the last day of work.
Bitcoin is very difficult to detect, while the 3 separate cryptocurrency vaults used by cybercriminals are already empty.
The digital currency was potentially broken down into smaller pieces and transferred through mixer or Tumblr services, making it harder to find attackers.
But traces of these hackers have surfaced on social media, including Twitter.
Huds Rock, a cybercrime intelligence company, saw an ad on a hacker forum this week claiming that they could steal any Twitter account by changing the e-mail address associated with it.
The ad featured a screenshot of the panel, which is typically reserved for top-level Twitter employees, giving them complete control over adding or deleting e-mail to an account.
This means that hackers gained access to Twitter’s backhand just 36 to 48 hours before the bitcoin fraud.
Investigators also point to at least one Twitter account linked to the hack, which is now suspended.
Originally published at https://tehnologijaviews.blogspot.com.