Twitter Hackers Gained Access to Accounts Using Internal Tool
Several verified high profile Twitter accounts were hacked on Wednesday in a cryptocurrency scam that targeted accounts belonging to Apple, Tesla CEO Elon Musk, Amazon CEO Jeff Bezos, Microsoft CEO Bill Gates, and more.
Twitter has said it doesn't believe any passwords were stolen in the hack, which forced the company to temporarily lock all verified accounts on the platform. While the company continues to investigate the attack, a new report suggests at least one Twitter employee and possibly more were involved in the takeover.
Motherboard was able to speak to two of the alleged hackers, who claim they paid a Twitter employee to gain access to the compromised accounts using an internal tool. This tool apparently allows staff to change the email address associated with accounts, and it was this ability that allowed the security breach to take place.
Twitter on Thursday said that a "coordinated social engineering attack" had targeted some of its staff as part of the hack.
Hackers posted tweets on the compromised accounts saying that if followers sent Bitcoin to a wallet address then they would receive double the amount in return. Many users clearly fell for the scam, which earned the hackers over $100,000 in the space of two hours.
Twitter believes approximately 130 accounts were targeted by the attackers in some way as part of the incident, but the company has not yet been able to confirm whether DMs were compromised. The FBI is also investigating how the breach was allowed to happen.
Popular Stories
Apple is set to unveil iOS 18 during its WWDC keynote on June 10, so the software update is a little over six weeks away from being announced. Below, we recap rumored features and changes planned for the iPhone with iOS 18. iOS 18 will reportedly be the "biggest" update in the iPhone's history, with new ChatGPT-inspired generative AI features, a more customizable Home Screen, and much more....
Apple today released several open source large language models (LLMs) that are designed to run on-device rather than through cloud servers. Called OpenELM (Open-source Efficient Language Models), the LLMs are available on the Hugging Face Hub, a community for sharing AI code. As outlined in a white paper [PDF], there are eight total OpenELM models, four of which were pre-trained using the...
Apple has announced it will be holding a special event on Tuesday, May 7 at 7 a.m. Pacific Time (10 a.m. Eastern Time), with a live stream to be available on Apple.com and on YouTube as usual. The event invitation has a tagline of "Let Loose" and shows an artistic render of an Apple Pencil, suggesting that iPads will be a focus of the event. Subscribe to the MacRumors YouTube channel for more ...
There are widespread reports of Apple users being locked out of their Apple ID overnight for no apparent reason, requiring a password reset before they can log in again. Users say the sudden inexplicable Apple ID sign-out is occurring across multiple devices. When they attempt to sign in again they are locked out of their account and asked to reset their password in order to regain access. ...
Best Buy is discounting a collection of M3 MacBook Pro computers today, this time focusing on the 14-inch version of the laptop. Every deal in this sale requires you to have a My Best Buy Plus or Total membership, although non-members can still get solid second-best prices on these MacBook Pro models. Note: MacRumors is an affiliate partner with Best Buy. When you click a link and make a...
Apple used to regularly increase the base memory of its Macs up until 2011, the same year Tim Cook was appointed CEO, charts posted on Mastodon by David Schaub show. Earlier this year, Schaub generated two charts: One showing the base memory capacities of Apple's all-in-one Macs from 1984 onwards, and a second depicting Apple's consumer laptop base RAM from 1999 onwards. Both charts were...
Top Rated Comments
not to mention a few years ago, a single fake tweet "from the AP" cost billions in losses and the hack lasted like 3 minutes.
this hack lasted 2-3hours where the hackers/rogue employee had full account access to every blue check including DM's
there are easier ways to make money with that kind of info/access if that was the goal
which makes the Bitcoin scam look like a smokescreen or the US being put on notice by an adversary
which funny enough is the most comforting, we could already assume an enemy Gov't has the hacking resources as well as the means to bribe/coerce an employee.
but if it was truly just idiots out for money it shows what power idiots can access at twitter.
eitherway shows the security problems