The hackers responsible for what could be the biggest attack on Twitter succeeded because employees have high levels of access to information and control over the platform.
In a series of Twitter Support tweets on July 15, the social network's help center confirmed that the hackers responsible for the mass compromise of prominent individuals' accounts had carried out a "coordinated social engineering attack" to gain "access to internal systems and tools."
"We know that they used this access to take control of many highly visible accounts (including verified ones) and tweet on their behalf," said Twitter Support. "We are investigating what other malicious activities they may have performed or information they may have accessed and will be sharing more than we have at this time."
The thread said the platform had taken "significant steps to limit access to internal systems and tools" while the breach was investigated.
Access used to promote a fake Bitcoin giveaway
The hackers managed to post tweets from the accounts of prominent figures such as Barack Obama and Joe Biden to promote a fake Bitcoin (BTC) giveaway that has so far defrauded more than 300 users out of a total of $118,000.
The admin panels of the employees targeted by the social engineering grant extensive access to a range of tools for controlling the affected accounts, including posting messages in the account holder's name and changing the verification phone number and email address.
The Twitter user sniko_ posted screenshots indicating that the hackers may have changed the verification email address for the Coinbase and Gemini accounts, since both accounts showed the same address after the attack.
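Two of the signals described above (one operator changing verification contact details on several high-profile accounts in quick succession, and several accounts ending up with the same verification email) are exactly what an audit-log detection over admin-tool actions can surface. The following is an added example written for this article, not Twitter's own tooling or log format: the log lines, field layout, account names, operator names and the watchlist are all constructed here for illustration.

```python
"""Detect suspicious admin-tool activity in constructed audit log lines.

Constructed log format (hypothetical, not a real Twitter schema):
    <ISO-8601 timestamp> <operator> <action> <target_account> <new_value>
"""
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample audit log; op_bob's burst mirrors the pattern described
# in the article, the other lines are ordinary single changes.
SAMPLE_LOG = """\
2020-07-15T20:01:10Z op_alice set_verification_email @acme_news ops@acme.example
2020-07-15T20:05:42Z op_bob set_verification_email @exchange_one attacker@mail.example
2020-07-15T20:06:15Z op_bob set_verification_email @exchange_two attacker@mail.example
2020-07-15T20:07:03Z op_bob set_verification_phone @exchange_two +10000000000
2020-07-15T20:08:30Z op_bob set_verification_email @celebrity_a attacker@mail.example
2020-07-15T21:30:00Z op_carol set_verification_email @small_shop shop@shop.example
"""

# Hypothetical watchlist of high-profile / verified accounts.
HIGH_PROFILE = {"@exchange_one", "@exchange_two", "@celebrity_a"}

# Actions that let an operator take over account recovery.
CONTACT_ACTIONS = {"set_verification_email", "set_verification_phone"}


def parse_log(text):
    """Parse the constructed log format into a list of event dicts."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        ts, operator, action, account, value = line.split()
        events.append({
            "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc),
            "operator": operator,
            "action": action,
            "account": account,
            "value": value,
        })
    return events


def burst_alerts(events, watchlist, window=timedelta(minutes=10), threshold=3):
    """Flag operators who change contact details on >= threshold distinct
    watchlisted accounts within one sliding window.

    Returns {operator: sorted list of affected accounts}.
    """
    by_op = defaultdict(list)
    for e in events:
        if e["action"] in CONTACT_ACTIONS and e["account"] in watchlist:
            by_op[e["operator"]].append(e)

    alerts = {}
    for op, evs in by_op.items():
        evs.sort(key=lambda e: e["ts"])
        # Slide a window starting at each event; count distinct accounts inside it.
        for i, start in enumerate(evs):
            accounts = {x["account"] for x in evs[i:] if x["ts"] - start["ts"] <= window}
            if len(accounts) >= threshold:
                alerts[op] = sorted(accounts)
                break
    return alerts


def shared_contact_alerts(events):
    """Flag any verification email that was set on more than one account.

    Returns {email: sorted list of accounts now sharing it}.
    """
    by_value = defaultdict(set)
    for e in events:
        if e["action"] == "set_verification_email":
            by_value[e["value"]].add(e["account"])
    return {v: sorted(a) for v, a in by_value.items() if len(a) > 1}


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    print("burst:", burst_alerts(evs, HIGH_PROFILE))
    print("shared:", shared_contact_alerts(evs))
```

In practice the watchlist would be fed from the platform's own verified/high-profile flag, and a hit on either rule would be a trigger for step-up approval (a second operator confirming the change) rather than a purely after-the-fact alert; the point of the example is that both signals are visible in ordinary admin audit logs without any account content.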
Vice's Motherboard reported that Bitcoin Millionaire was taking pictures of admin panels posted by users, claiming they violated the rules. The images, which showed access to various Twitter accounts, revealed details of the internal administration interface, including the number of attacks registered against each account, when the account was last accessed, which phone numbers were linked to it and which email addresses were used for verification.