Twitter Hackers Gained Access to Accounts Using Internal Tool
Several verified high profile Twitter accounts were hacked on Wednesday in a cryptocurrency scam that targeted accounts belonging to Apple, Tesla CEO Elon Musk, Amazon CEO Jeff Bezos, Microsoft CEO Bill Gates, and more.
Twitter has said it doesn't believe any passwords were stolen in the hack, which forced the company to temporarily lock all verified accounts on the platform. While the company continues to investigate the attack, a new report suggests at least one Twitter employee and possibly more were involved in the takeover.
Motherboard was able to speak to two of the alleged hackers, who claim they paid a Twitter employee to gain access to the compromised accounts using an internal tool. This tool apparently allows staff to change the email address associated with accounts, and it was this ability that allowed the security breach to take place.
Twitter on Thursday said that a "coordinated social engineering attack" had targeted some of its staff as part of the hack.
Hackers posted tweets on the compromised accounts saying that if followers sent Bitcoin to a wallet address then they would receive double the amount in return. Many users clearly fell for the scam, which earned the hackers over $100,000 in the space of two hours.
Twitter believes approximately 130 accounts were targeted by the attackers in some way as part of the incident, but the company has not yet been able to confirm whether DMs were compromised. The FBI is also investigating how the breach was allowed to happen.
Popular Stories
Last year's iPhone 13 Pro models were the first of Apple's smartphones to come with 120Hz ProMotion displays, and while the two iPhone 14 Pro models will continue to feature the technology, their screens could well boast expanded refresh rate variability this time round.
To bring ProMotion displays to the iPhone 13 Pro models, Apple adopted LTPO panel technology with variable refresh...
Leaker Jon Prosser today shared ostensibly accurate renders of the iPhone 14 Pro, providing the most accurate look yet at what the device could look like when it launches later this year.
In the latest video on YouTube channel Front Page Tech, Prosser revealed renders of the iPhone 14 Pro made by Apple concept graphic designer Ian Zelbo, highlighting a range of specific design changes...
With around four months to go before Apple is expected to unveil the iPhone 14 lineup, the overwhelming majority of rumors related to the new devices so far have focused on the iPhone 14 Pro, rather than the standard iPhone 14 – leading to questions about how different the iPhone 14 will actually be from its predecessor, the iPhone 13.
The iPhone 14 Pro and iPhone 14 Pro Max are expected...
The iPhone 14 will feature a more expensive "high-end" front-facing camera with autofocus, partly made in South Korea for the first time, ET News reports.
Apple reportedly ousted a Chinese candidate to choose LG Innotek, a South Korean company, to supply the iPhone 14's front-facing camera alongside Japan's Sharp. The company is said to have originally planned to switch to LG for the iPhone...
Apple today confirmed that the keynote event for the Worldwide Developers Conference will begin at 10:00 a.m. Pacific Time on June 6, the first day of WWDC. The keynote will be an online-only event, though a select number of developers have been invited to the Apple Park campus for a viewing event.
In addition to confirming the keynote date and time, Apple has shared the full WWDC 2022...
Apple today announced new Pride bands for the Apple Watch, with new Pride Edition Sport Loop and Pride Edition Nike Sport Loop options available.
The new Pride Edition bands are available to order today for $49 on Apple.com and in the Apple Store app, and will be available at Apple Store locations starting May 26. The Pride Edition Nike Sport Loop is also coming soon to Nike.com.
This...
Top Rated Comments
not to mention a few years ago, a single fake tweet "from the AP" cost billions in losses and the hack lasted like 3 minutes.
this hack lasted 2-3hours where the hackers/rogue employee had full account access to every blue check including DM's
there are easier ways to make money with that kind of info/access if that was the goal
which makes the Bitcoin scam look like a smokescreen or the US being put on notice by an adversary
which funny enough is the most comforting, we could already assume an enemy Gov't has the hacking resources as well as the means to bribe/coerce an employee.
but if it was truly just idiots out for money it shows what power idiots can access at twitter.
eitherway shows the security problems