On Thursday morning we awoke to #twitterhacked trending on Twitter and while at first we thought this was another silly lockdown trend it quickly became clear that this was far more serious.
Late on Wednesday evening several high profile and verified accounts began tweeting about a cryptocurrency scam. According to a report from TechCrunch the accounts tweeting about this scam included Jeff Bezos, Uber, Kim Kardashian West and Joe Biden, among many others.
Given the scope of these compromised accounts it seemed as if something more sinister than the users picking weak passwords – it seemed as if something had happened from within Twitter itself.
Twitter confirmed as much early on Thursday morning.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” the Twitter Support account reported.
Social engineering is where an attacker will try to glean important information from a person through various means. The report by CNN Business below gives you a good idea of how easily a social engineering attack can happen.
It seems then that a Twitter employee fell prey to this sort of attack and the attacker was able to gain access to Twitter’s internal systems. From there we would think that sending tweets from other accounts would be rather simple given the scope of the access an attacker has.
Upon discovering what had happened, Twitter locked down the affected accounts and removed the tweets urging folks to take part in what was clearly a cryptocurrency scam.
“We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this. This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do,” Twitter Support said in a thread.
We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.
— Twitter Support (@TwitterSupport) July 15, 2020
The social network has said that it has taken steps internally to limit access to its systems and its investigation into the incident is ongoing.
This incident should serve as a reminder that nobody, not even one of the biggest social networks in the world is immune to cybercrime.
We will continue to follow this story and provide updates as necessary.