130 Twitter accounts were targeted by hackers in the grand Bitcoin scam


Yesterday was probably one of the busiest days for Twitter’s security team, as a hacker managed to get hold of high-profile accounts and tweeted about a Bitcoin scam.

The strategy used for this hack is what’s called social engineering: the attackers managed to convince someone at the company to give them access to Twitter’s admin tools.


In a fresh revelation, the social network said that hackers targeted approximately 130 accounts and took control of a handful of them. Twitter is still investigating the incident and has temporarily disabled the ‘download my data’ function for all users.

The company is also working to determine whether non-public data of the affected accounts, such as DMs and passwords, was also compromised.

In addition to that, a report from Brian Krebs of Krebsonsecurity sheds more light on how this incident might have taken place. The report notes that the hackers were probably experts in SIM swapping, a technique for defeating the two-factor authentication on accounts in order to take them over.

Krebs said that SIM swappers are obsessed with OG handles: early usernames on a social network that consist of one or two characters, or are just common names (like ‘Adam’ or ‘Julia’). In the days leading up to the attack, he saw a lot of activity on account-hijacking forums, with posts offering control of any Twitter username in exchange for money.

Credit: Krebsonsecurity
A now-suspended Twitter account that tweeted screenshots of the company’s admin tools

Yesterday, Vice reported that hackers got hold of Twitter’s internal admin tools, which can control user accounts, and used them to change the email addresses associated with high-profile accounts. Krebs’ report adds that when someone changes an account’s email address through that tool, the user doesn’t get a notification, which means that hijacking targets like Barack Obama and Bill Gates likely didn’t realize when their accounts were taken over.

After this attack, Twitter’s product team is facing strong criticism for not having implemented end-to-end encryption for DMs. Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation (EFF), said the social network wouldn’t have to worry about the attackers reading private DMs of the affected accounts if it had put this in place, as her organization had previously advised.

Senator Ron Wyden also raised the question of this missing security feature. He said that when they met in 2018, Twitter CEO Jack Dorsey told him the company was working on implementing end-to-end encryption for DMs.

Meanwhile, the FBI has opened an investigation into the incident and the US Senate Commerce Committee has asked Twitter to brief it on July 23. Twitter will have to answer a lot of questions before this incident is forgotten. 
