In brief
- Twitter reveals that the attack used to carry out the mass Bitcoin scam was a “phone spear phishing attack.”
- This kind of attack targets specific businesses and individuals using phone calls rather than email.
- More of Twitter's security flaws have come to light since the hack.
A newly updated post-mortem of the now-infamous Twitter hack confirms that employees were subjected to a “phone spear phishing attack.”
This is a targeted form of phishing in which attackers call specific businesses or individuals instead of emailing them. During these calls, they try to talk the victim into handing over passwords or other information that grants access to Twitter’s internal tools.
“The attack on July 15, 2020, targeted a small number of employees through a phone spear phishing attack,” Twitter said in a tweet yesterday, adding, “This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems.”
Twitter elaborated that, after obtaining employee credentials, the hackers targeted other staff members, eventually getting into what has been dubbed “God Mode,” Twitter’s internal admin panel.
Twitter had previously described the hackers’ modus operandi only as “social engineering,” without giving further details.
The platform reasserted that over 130 Twitter accounts were compromised, with the hackers succeeding in tweeting a Bitcoin scam from 45 of those, including the accounts of Barack Obama, Elon Musk, Bill Gates, and Democratic presidential candidate Joe Biden.
It wasn't just Bitcoin they stole, either. Per Twitter, attackers gained access to the direct messages of 36 victims—downloading the personal data of seven individuals.
Twitter exposed
In the weeks since the attack, the scope of Twitter’s security failings has come to light. Last week, it was reported that over 1,000 Twitter staff, and even outside contractors, had access to the platform’s so-called “God Mode” administrative panel.
It was later revealed by Bloomberg that in 2017 and 2018, contractors who helped maintain the platform and respond to help-desk inquiries used bogus support tickets to snoop on celebrities such as Beyonce, tracking the pop star’s geolocation data and other private information.
Twitter later disputed the allegations.
“We have no indication that the partners we work with on customer service and account management played a part here,” a Twitter spokesperson told Bloomberg.
Both Twitter and the FBI continue to investigate what happened.