29 Sep Twitter Account Hack – The Truth Revealed
Do you have a Twitter account?
It seems almost silly to ask the question at a time when the entire world lives on social media.
Everybody, from my aunt to U.S. President Donald Trump has at least dabbled in it, if not use it everyday to tell the world what they ate for lunch. That’s why, when on a seemingly simple Wednesday (July 15, 2020), Twitter suddenly went into protective overdrive, tongues began to wag.
Within a few hours, it was evident that Twitter had been the victim of a cyber breach. But what exactly happened? How much was compromised?
And above all, could it all have been prevented?
That’s what we’re going to explore today. So stick around for an interesting read.
The Incident And What We Already Know
According to the information posted on the official Twitter blog, events unfolded somewhat like this. On July 15, Twitter detected a significant breach in their internal systems.
By means of the breach, the attackers took control of tools that are normally only available to Twitter’s internal support staff. As a result, they succeeded in gaining access to about 130 high profile Twitter accounts.
The accounts that were hacked included those of Bill Gates, Jeff Bezos, Elon Musk, and Kanye West, to name a few. Of these accounts, close to 45 were completely compromised where the attackers managed to initiate and complete a password reset.
From these accounts, the attackers sent fraudulent tweets, purporting to be from these high profile individuals. The tweets invited people to send in their money to a bitcoin wallet, where it would be doubled.
Of course, those who did send the money never saw a penny of it back. The scam, though rather rudimentary, still provided financial gains of over $100,000 for the attackers.
In addition to running the above scam, the attackers also downloaded complete account information for 8 accounts. as they had managed to take control of the Your Twitter Data tool. This tool serves to provide the account owner with a summary of their Twitter account details and account activity. Twitter has also mentioned on the blog that none of the eight were verified accounts, meaning accounts of public interest that Twitter has deemed authentic.
But how exactly was the attack perpetrated? What hacking methodology did the hackers employ to drill into one of the biggest internet companies of present times?
That’s what we’re going to explore next.
The How Behind The Hack
Turns out, in this case, the hackers adopted a simple yet highly effective methodology and went after the weakest link in the cyber security chain: the human element. Rumors have been going around of a disgruntled employee who was working in collusion with the hackers, but this has not been verified. But as per Twitter’s blog, the hackers duped a few employees by means of a social engineering hack and managed to gain access.
As we know, social engineering techniques involve manipulating human operators and tricking them into providing access to secure systems. This is done mostly by means of phishing emails, and similar devices. Though a seemingly simple technique, social engineering is highly effective and can yield fast results.
So once the perpetrators had gained access to the login credentials of the employees, they were able to bypass Twitter’s two-factor authentication (2FA) system. This allowed them to gain access to the target accounts. Also, since they bypassed two-factor authentication, sources suspect the use of SIM-swapping.
Whatever the case, one thing is clear: the attackers primarily went after celebrity profiles and “OG” (Orignal Gangster) user accounts. These are Twitter accounts with succinct handles, such as @c or @jim. Such handles are of commercial interest and sell for considerable sums of money.
The Probable Motive
But why this sudden attack on Twitter? Primarily, the motive seems to have been monetary gain. However, the flashy nature of the hack, together with the focus on celebrity accounts, suggests something else as well. This may very well have been a proof-of-concept attack, intended to showcase the hacker’s skills. Rumor has it that a shadowy hacker known as Kirk was behind the job.
Twitter is already on a war footing to make things right. Most of the affected accounts have already been restored, and remediation efforts are underway. But there’s no denying the damage done to Twitter’s brand image. Even though the scam amount is seemingly small, still, the toll on Twitter could be of epic proportions.
Could This Have Been Avoided?
Readers might be surprised to know that this is not the first time that Twitter account has been hacked. Last year, the SIM-swap attack hit Twitter CEO, Jack Dorsey. If there’s one thing these incidents show, it’s that the IT assets of no business, however large, can be truly invulnerable.
For this reason, it’s essential that businesses make it a point to focus on data security. They can do this best by securing business-critical data such as client information and confidential data items.
In this respect, penetration testing can be of great help. This proactive protection technique involves testing a software system and associated infrastructure from the hackers’ viewpoint. Doing so may reveal chinks in the cyber security armor that, once plugged, can prevent such attacks as befell Twitter.
When it comes to cyber security, constant vigilance is the only option. Being reactive rather than proactive is definitely not a desirable approach for ensuring data safety.
We hope that Twitter recovers soon, and takes the required steps to be more resilient to attacks. Till then, the world will be keeping their eyes on the brand, and hoping for its speedy recovery.
And, of course, we’ll tweet all about it