Celebrity Twitter hack caused by ‘phone spear phishing attack’
Earlier in July, Twitter experienced a major hack targeting the accounts of celebrities such as Elon Musk, Bill Gates, Jeff Bezos, Mike Bloomberg and Kanye West.
As a result of the cyberattack, the hackers collected roughly $116,000 worth of bitcoin from Twitter users who believed the hijacked celebrity accounts were genuinely promising to send back $2,000 for every $1,000 of bitcoin sent.
In the weeks since the attack, Twitter has been trying to figure out how the attack occurred and how similar attacks can be prevented in the future. On Thursday (30 July), Twitter published an update on the incident, detailing what they have discovered to date.
The company said that the attack relied on a “significant and concerted attempt to mislead certain employees and exploit human vulnerabilities” to gain access to internal systems.
While the company’s investigation was under way, former Twitter staff said that more than 1,000 employees had access to tools that could edit user account settings or hand control of an account over to someone else. In response, the company has said that such access is “strictly limited”.
Twitter’s latest update on the incident
The company has promised to publish a more technical report on what occurred at a later date, but for now that report is on hold while the company completes work to safeguard its service and because of the ongoing law enforcement investigation.
Twitter said that the attack was carried out using a ‘phone spear phishing attack’. The firm said: “A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools.”
The company said that not all of the employees initially targeted had permission to use the account management tools, but the attackers used the credentials they had obtained to get onto the firm’s internal systems and learn how Twitter’s processes worked.
Twitter said: “This knowledge then enabled them to target additional employees who did have access to our account support tools. Using the credentials of employees with access to these tools, the attackers targeted 130 Twitter accounts, ultimately tweeting from 45, accessing the DM inbox of 36 and downloading the Twitter data of seven.”
The company addressed concerns about its tools and levels of employee access. Twitter said that access to the tools that can be used to edit user settings is “strictly limited” and is only granted for valid business reasons.
“We have zero tolerance for misuse of credentials or tools, actively monitor for misuse, regularly audit permissions, and take immediate action if anyone accesses account information without a valid business reason,” the company said.
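The pattern Twitter describes, a small number of employee credentials acting on 130 accounts in a short period, is the kind of thing monitoring of a support tool’s audit log can catch. The following is an added example and not Twitter’s code or anything from its update: the log format, the field names, the agent and account names, the “sensitive” action list and the thresholds are all assumptions, and the sample log is constructed to show one agent fanning out across many accounts without a ticket reference.

```python
"""Detect fan-out misuse of an internal account-support tool from its audit log.

Added example (not Twitter's code). Assumed log format, one event per line:
    <ISO timestamp> <employee> <action> <target account> <ticket id or "-">
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit log: agent_a and agent_b work individual tickets;
# agent_c changes recovery details on seven accounts in four minutes, no ticket.
SAMPLE_LOG = """\
2020-07-15T19:58:01Z agent_a view_profile @user1 T-4411
2020-07-15T19:58:40Z agent_a reset_2fa @user1 T-4411
2020-07-15T20:03:12Z agent_b view_profile @user2 T-4412
2020-07-15T20:10:05Z agent_c change_email @celeb1 -
2020-07-15T20:10:31Z agent_c reset_2fa @celeb1 -
2020-07-15T20:11:02Z agent_c change_email @celeb2 -
2020-07-15T20:11:40Z agent_c change_email @celeb3 -
2020-07-15T20:12:15Z agent_c change_email @celeb4 -
2020-07-15T20:12:50Z agent_c change_email @celeb5 -
2020-07-15T20:13:22Z agent_c change_email @celeb6 -
2020-07-15T20:14:01Z agent_c export_data @celeb7 -
2020-07-15T20:30:00Z agent_b change_email @user2 T-4412
"""

# Assumed set of actions that can take over or exfiltrate an account.
SENSITIVE = {"change_email", "reset_2fa", "export_data", "revoke_sessions"}
WINDOW = timedelta(minutes=30)
MAX_DISTINCT_TARGETS = 5   # assumed per-agent baseline for one window


def parse(log_text):
    """Parse the assumed log format into (ts, actor, action, target, ticket) tuples."""
    events = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, actor, action, target, ticket = line.split()
        events.append((
            datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            actor, action, target,
            None if ticket == "-" else ticket,
        ))
    return events


def detect_fan_out(events, window=WINDOW, max_targets=MAX_DISTINCT_TARGETS):
    """Return {actor: peak distinct targets} for actors whose sliding-window
    fan-out (distinct accounts touched within `window`) exceeds max_targets."""
    by_actor = defaultdict(list)
    for ts, actor, _action, target, _ticket in sorted(events, key=lambda e: e[0]):
        by_actor[actor].append((ts, target))
    flagged = {}
    for actor, evs in by_actor.items():
        window_evs = deque()           # events currently inside the window
        counts = defaultdict(int)      # distinct targets inside the window
        peak = 0
        for ts, target in evs:
            window_evs.append((ts, target))
            counts[target] += 1
            # Drop events that have aged out of the window.
            while window_evs and ts - window_evs[0][0] > window:
                _old_ts, old_target = window_evs.popleft()
                counts[old_target] -= 1
                if counts[old_target] == 0:
                    del counts[old_target]
            peak = max(peak, len(counts))
        if peak > max_targets:
            flagged[actor] = peak
    return flagged


def detect_unticketed_sensitive(events):
    """Return (actor, action, target) for sensitive actions with no ticket reference,
    i.e. account changes with no recorded business justification."""
    return [
        (actor, action, target)
        for _ts, actor, action, target, ticket in events
        if action in SENSITIVE and ticket is None
    ]


if __name__ == "__main__":
    evs = parse(SAMPLE_LOG)
    print("fan-out:", detect_fan_out(evs))
    print("unticketed sensitive actions:", detect_unticketed_sensitive(evs))
```

The two checks are deliberately independent: the fan-out rule needs no knowledge of which actions are dangerous, only that one credential is touching far more distinct accounts than a support agent normally would, while the ticket rule catches a single high-impact change that has no business justification attached. A real deployment would derive the threshold from each team’s historical rate rather than a fixed constant.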
Twitter added: “This was a striking reminder of how important each person on our team is in protecting our service. We take that responsibility seriously and everyone at Twitter is committed to...