Sci-tech

Twitter says 'social engineering' let hackers access verified accounts for Bitcoin scam

Twitter says 'social engineering' let hackers access verified accounts for Bitcoin scam”

However, access to the tools is strictly limited and only granted for legitimate business reasons.

As noted by previous reports and Twitter, attackers used the internal admin privileges to bypass two-factor authentication protections, changing the email and password credentials of targeted accounts.

The embarrassing July 15 attack affected the accounts of some of Twitter's most high-profile users, including Tesla CEO Elon Musk and celebrities Kanye West and his wife, Kim Kardashian West, in an apparent attempt to lure their followers into sending money to an anonymous Bitcoin account.

In earlier updates, Twitter said it found no evidence that the scammers never gained access to the impacted accounts' passwords and that they will not be reset.

Attackers also targeted specific employees who had access to account support tools, Twitter said here adding that it restricted access to its internal tools and systems ever since the incident occurred. Hackers further downloaded undisclosed "Twitter Data" from seven accounts, the company said.

On July 15, a number of high-profile verified Twitter accounts, including Elon Musk and Jeff Bezos, began tweeting out a freakish promise to double Bitcoin donations sent to them.

More news: Netflix Is Developing A 'Splinter Cell' Series

According to the company, a small number of employees were targeted in a "phone spear phishing attack", suggesting that hackers called some of its staff and duped them into thinking they were speaking with fellow Twitter employees, leading them to reveal the credentials the hackers needed to access internal account support tools.

"Using the credentials of employees with access to these tools, the attackers targeted 130 Twitter accounts, ultimately Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7", Twitter wrote in their statement.

Generally, spear phishing is where criminals target an individual and use correct information about them to lull them into a false sense of security.

"As a result, some features (namely, accessing the Your Twitter Data download feature) and processes have been impacted".

According to a Reuters report, over 1,000 Twitter contractors and employees had access to the company's internal tools before the attack. "We take that responsibility seriously and everyone at Twitter is committed to keeping your information safe".



Like this

loading...
loading...

Latest


31 July 2020
Boris Johnson pauses England's coronavirus reopening
"Our assessment is that we should now squeeze that brake pedal", said Johnson at a press briefing. They will have to wait at least another two weeks, he said.

31 July 2020
Samsung looks forward to quantum dot TVs, new game systems and phones
Also, the back camera setup is vertically aligned and is accompanied by an LED flash, similar to Samsung's Galaxy Note 20 . On the back, the Z Fold 2 5G has a triple camera system featuring a 64MP main camera alongside two 12MP cameras.

31 July 2020
Apple revenues grow 11% to $59.7 billion for Q3 2020
The delay likely has to do with Apple's supply chain, which COVID-19 disrupted when the virus broke out across China in January. Its input grew more than 18.9 per cent year-on-year in the third quarter of this year, contributing $14.17bn of total sales.

31 July 2020
Hong Kong blocks 12 activists from polls
The disqualifications are a setback for pro-democracy activists, who aimed to win a majority of seats in the legislative council . Among the provisions was the possibility for the Hong Kong government to extradite criminal suspects to mainland China .

31 July 2020
Charlie Elphicke trial: Ex-MP guilty of sexual assaults
She told jurors that she had rejected his advances and that Elphicke said he had "not been happy for years" in his marriage. His former wife, Natalie Elphicke, posted on Twitter: "Today's verdict is one that brings profound sorrow".

31 July 2020
Virgin Galactic unveils space tourism for the super rich
Virgin Galactic also released an "augmented reality enabled" mobile app, showcasing the cabin design and spaceflight experience. Virgin Galactic said these will offer comfort and mobility during spaceflight.

31 July 2020
Google confirms Pixel 4a reveal coming on August 3
Google has published a new Store Page for its upcoming mid-range Pixel smartphone, teasing the imminent launch of the device. It has updated the account's name on Twitter and Facebook to 'The Google RTing, Meme Loving, Info Sharing Stream' for fun.

31 July 2020
Rhea Chakraborty denies threatening and intimidating Sushant Singh Rajput
Sources have also revealed that the police officials are allegedly trying to hide the identity of this person. The Bihar cops are investigating the case and are recording the statement of Sushant's close associates.

31 July 2020
COVID-19 pandemic is 'one big wave', not seasonal
Harris explained that, despite the sudden uptick, the pandemic is still only in its first wave. Now the best thing is to flatten it and turn it into just something lapping at your feet .

31 July 2020
Sergio Perez coronavirus: How long is he out and who's replacing him?
A second test was carried out on Thursday, with the result announced in the evening revealing Perez has coronavirus . Racing Point's Sergio Perez has tested positive for coronavirus and will miss this weekend's British Grand Prix .