As we follow the US Presidential campaigns on social media, and with the election only months away, this massive security breach on Twitter is concerning.
Starting at 1 PM Wednesday, celebrity and brand accounts tweeted a message promoting a crypto scam. The tweet claimed that if you sent funds to the Bitcoin wallet address it listed, double the amount would be sent back to you.
The scheme—perhaps the largest Twitter hack in scale and reach—promoted the same Bitcoin wallet address.
The hackers breached the verified accounts of:
- Bill Gates
- Jeff Bezos
- Elon Musk
- Barack Obama
- Warren Buffett
- Kanye West
- Joe Biden
- Michael Bloomberg
- Floyd Mayweather
- HQ Trivia
- Kim Kardashian
The Verge reported that unsuspecting users sent money through. It found the exchanges publicly listed on the blockchain network as funds shifted to the Bitcoin wallet address.
Within just an hour of reports of the scam popping up, more than $110K had started coming through. Unfortunately, reports suggest these transactions are irreversible.
“Our investigation is still ongoing but here’s what we know so far:
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools. We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.
Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers. We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this. This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions, and will update you if we do.
We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely. Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.”
Some security concerns
The incident reflects how vulnerable Twitter’s security is to deliberate hackers.
While the social network is still sweeping up the fallout and investigating how the hack slipped through, the damage is done. The messages have already reached millions of users, as the hacked accounts have followers in that range.
It opens discussions about security concerns for Twitter and social media. A full report will clarify what happened. Still, watchdogs will scrutinize Twitter.
More alarming is the prospect of high-profile users moving to more secure platforms or deleting their Twitter accounts.
With the eye-opening security breach, celebrities and politicians will reconsider how much trust they place in the platform.
A possible cause was an internal control panel, as Twitter deleted screenshots hours after the incident. Hacker groups claimed that the tool could access verified accounts.
Twitter CEO Jack Dorsey and product lead Kayvon Beykpour have apologized for the security breach.
Major staffing shifts may be in order.