{"id":9317,"date":"2020-07-21T00:50:05","date_gmt":"2020-07-20T21:50:05","guid":{"rendered":"https:\/\/forklog.media\/?p=9317"},"modified":"2020-07-27T01:58:21","modified_gmt":"2020-07-26T22:58:21","slug":"former-globalhell-hacker-the-attack-on-twitter-is-way-bigger-than-anticipated","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/former-globalhell-hacker-the-attack-on-twitter-is-way-bigger-than-anticipated\/","title":{"rendered":"Former GlobalHell Hacker: The Attack on Twitter Is Way Bigger than Anticipated"},"content":{"rendered":"

On Friday Twitter\u2019s team published<\/a> a follow up on their investigation into the recent \u201cBitcoin scam\u201d hack<\/a>. The attack happened on Wednesday when a team of anonymous hackers gained access to many high profile accounts, including those of Binance CEO Changpeng Zhao, Bill Gates, Jeff Bezos, Elon Musk, Joe Biden, Barack Obama, Uber, Apple, and many others. Reportedly this was made possible due to a Twitter employee being socially engineered into disclosing sensitive data.<\/p>\n

<\/p>\n

Right after the hack took place, many hacked accounts were used to promote a Bitcoin scam, which fraudulently promised to send back double the amount to everyone who sends any sum in Bitcoin to a specified wallet.<\/p>\n

It was suggested that the Bitcoin scam was only a ruse, masking the real purpose behind the attack. This information was later confirmed by both Twitter and anonymous hacker sources.<\/p>\n

The scope<\/b><\/h2>\n

According to the latest report, as many as 130 accounts were breached in the course of the attack. 45 of them had their accounts reset and posted the Bitcoin scam messages.<\/p>\n

\u201cThe attackers successfully manipulated a small number of employees and used their credentials to access Twitter\u2019s internal systems, including getting through our two-factor protections. As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, log in to the account, and send Tweets,\u201d <\/i><\/b>Twitter\u2019s statement concluded.<\/i><\/p>\n

At least eight accounts had all of the data scraped with the help of the Your Twitter Data<\/i><\/a> tool. This tool allows downloading all private messages, address book data, physical location history, attached multimedia files, etc. The Verge reported<\/a> that even previously deleted data could be retrieved in this manner.<\/p>\n

Twitter did not disclose which accounts\u2019 data was drained in this way or what they had in common.<\/p>\n

A victory for hackers<\/b><\/h2>\n

As reported by an anonymous source in the hacker community, the hacker team behind the attack was indeed after valuable private data. Bitcoin scam was only a distraction.<\/p>\n

\"Former<\/a><\/i><\/p>\n

Source: Hacker that wished to remain anonymous<\/i><\/p>\n

The source also said that the attack turned out to be bigger than initially anticipated. Twitter\u2019s investigation meanwhile is still ongoing:<\/p>\n

\u201cWe are continuing our forensic review of all of the accounts to confirm all actions that may have been taken. In addition, we believe they may have attempted to sell some of the usernames,\u201d<\/i><\/b> Twitter said in a statement.<\/i><\/p>\n

The recent investigation<\/a> by NYTimes suggested that the hack had no political or ideological motive. The publication reportedly talked to the anonymous hackers behind the heist and learned that they got access to the Twitter credentials when one of them found a way into Twitter\u2019s internal Slack channel, where said credentials were stored in a pinned message.<\/p>\n

\u201cWe\u2019re embarrassed, we\u2019re disappointed, and more than anything, we\u2019re sorry\u201d<\/b><\/h2>\n

Twitter was widely slammed<\/a> for its failure to prevent the attack and to act decisively and efficiently as it was unfolding. In their latest statement, Twitter provided an unconditional apology and informed the public that steps are being taken to prevent such disastrous events in the future. They also noted they are \u201cdeliberately limiting the detail they share on their remediation steps at this time to protect their effectiveness and will provide more technical details, where possible, in the future.\u201d<\/p>\n

Right now Twitter is working to restore access to the affected accounts for their rightful owners. Still, it seems that the real consequences of the hack are yet to be fully comprehended.<\/p>\n","protected":false},"excerpt":{"rendered":"

On Friday Twitter\u2019s team published a follow up on their investigation into the recent \u201cBitcoin scam\u201d hack. The attack happened on Wednesday when a team of anonymous hackers gained access to many high profile accounts, including those of Binance CEO Changpeng Zhao, Bill Gates, Jeff Bezos, Elon Musk, Joe Biden, Barack Obama, Uber, Apple, and […]<\/p>\n","protected":false},"author":6,"featured_media":9288,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"human_written","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[18,43,40],"class_list":["post-9317","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-bitcoin","tag-hackers","tag-twitter"],"aioseo_notices":[],"amp_enabled":true,"views":"2823","promo_type":"1","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/9317","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=9317"}],"version-history":[{"count":7,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/9317\/revisions"}],"predecessor-version":[{"id":9325,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/9317\/revisions\/9325"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/9288"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=9317"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=9317"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=9317"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}