The recent sensational incident of Twitter Hack shacking the cybersecurity community unlike any other attack that Twitter has ever faced. So many top profile influential profiles were abused to scam million of users and steal thousands of dollars in Bitcoin.
After the detailed investigation, Twitter has released a statement and clarified that the hackers downloaded the data from 8 of the compromised twitter handles via their “Your Twitter Data” tool that provides an account owner with a summary of their Twitter account details and activity.
The initial attack was launched via the traditional social engineering method through which attackers targeted the Twitter employees and manipulate them to perform a certain action and gathered confidential information.
The investigation clarifies that the attacker compromised only a small number of employees and used their credentials to access Twitter’s internal tools, even they were successfully bypassed the 2-factor authentication.
The Twitter investigation report says “As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets.”
When we look at the Bitcoin scam Tweets that posted in the top follower’s profile, attackers carefully picked the accounts which fall under the high reputation, most followers, well-known influencer, cryptocurrency trading platforms and successfully launched the attack, in result, thousands of followers lost $120,000 worth bitcoins to the scammer’s account.
Other than the scam tweets, Hackers downloaded the data from only 8 of the twitter accounts, and the account details are not disclosed due to the security concern, also Twitter team directly reached out to the account holders and all the 8 accounts aren’t verified profiles.
Soon after the incidents happen, Twitter security experts limited the compromised accounts access to the attackers and regained all the hacked accounts and locked it down.
“Our incident response team secured and revoked access to internal systems to prevent the attackers from further accessing our systems or the individual accounts.” Twitter says.
Twitter said that there is a certain things attacked accessed the following.
Twitter learned a great lesson through this massive incident, and the investigation is still going, which helps further securing the platform from the feature attacks.
Not only Twitter, but the other organization should take this kind of attack is a serious thing and provide proper company-wide training through a partnership with the best cybersecurity training academy to guard against social engineering tactics to supplement the training employees receive during onboarding.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
Also Read
Twitter CEO Jack Dorsey Account Hacked using Sim Swapping Attack
Twitter Bug Exposed Location Data of iOS Users to Advertiser
India’s Biggest Star Amitabh Bachchan’s Twitter Account Hacked
The VIPKeyLogger infostealer, exhibiting similarities to the Snake Keylogger, is actively circulating through phishing campaigns. …
INTERPOL has called for the term "romance baiting" to replace "pig butchering," a phrase widely…
Cybersecurity experts are sounding the alarm over a new strain of malware dubbed "I2PRAT," which…
A new cyber campaign by the advanced persistent threat (APT) group Earth Koshchei has brought…
Recent research has linked a series of cyberattacks to The Mask group, as one notable…
RiseLoader, a new malware family discovered in October 2024, leverages a custom TCP-based binary protocol…