Twitter reveals how the Bitcoin scam really happened

A newly updated post mortem of the now-infamous Twitter hack confirms that employees were subject to a “phone spear phishing attack.”

This is a sophisticated form of phishing in which malicious actors target specific businesses or individuals using phone calls. During these calls, they may convince the victim to hand over passwords or other information used to access Twitter’s internal tools.

“The attack on July 15, 2020, targeted a small number of employees through a phone spear phishing attack,” Twitter said in a tweet yesterday, adding, “This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems.”

Twitter elaborated that after seizing employee credentials, the hackers targeted other staff members, eventually cracking into what’s been dubbed “God Mode,” aka Twitter’s admin panel.

Twitter had previously described the hackers’ modus operandi only as “social engineering,” without giving further details.

The platform reasserted that over 130 Twitter accounts were compromised, with hackers succeeding in tweeting a Bitcoin phishing scam from 45 of those—including Barack Obama, Elon Musk, Bill Gates, and Democratic presidential candidate Joe Biden.

It wasn’t just Bitcoin they stole, either. Per Twitter, attackers gained access to the direct messages of 36 victims—downloading the personal data of seven individuals.

Twitter exposed

In the weeks since the attack, the scope of Twitter’s security failings has come to light. Last week, it was reported that over 1,000 Twitter staff and even outside contractors had access to the platform’s so-called “God Mode” administrative panel.

It was later revealed by Bloomberg that in 2017 and 2018, the contractors in question—who helped maintain the platform and respond to help-desk inquiries—employed bogus support tickets to snoop on the likes of Beyonce, tracking the popstar’s geolocation data and other private information.

Twitter later disputed the allegations.

“We have no indication that the partners we work with on customer service and account management played a part here,” a Twitter spokesperson told Bloomberg.

Both Twitter and the FBI continue to investigate what happened.

 
