Twitter reveals hackers targeted employees with spear phishing attack to carry out high-profile bitcoin scam

By: |
July 31, 2020 12:39 PM

Twitter said these employees had access to the company's internal tools and attacking and gaining control of their accounts provided hackers with an access to their internal systems.

Twitter laid the blame on human vulnerabilities shown by its employees in getting misled by coordinated efforts from the attackers behind the breach in its internal systems.

Twitter has made its investigation on the recent high-profile bitcoin scam public in a series of tweets and a blog post. Twitter has said that the breach of accounts was done by targeting a handful of the company’s employees through a phone spear phishing attack. Twitter further elaborated that these employees had access to the company’s internal tools and attacking and gaining control of their accounts provided hackers with an access to the company’s internal systems.

“The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear phishing attack. A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools.” Twitter said in its blog post informing revelations that came out of the investigation so far.

Access to Twitter’s internal processes enabled the group of attackers to attack more employees who had access to the company’s sophisticated tools which ultimately helped them in breaching the safeguards of 130 Twitter accounts. The group of hackers then tweeted from 45 accounts, gained access to the direct messages of 36 Twitter accounts, and downloaded the data of 7 Twitter accounts.

Twitter laid the blame on human vulnerabilities shown by its employees in getting misled by coordinated efforts from the attackers behind the breach in its internal systems.

Several big names that include the likes of Barack Obama, Joe Biden, Jeff Bezos, and Warren Buffett had seen their accounts compromised in an apparent bid by attackers to promote the Bitcoin scam on July 15. Twitter said that it has directly communicated with the people whose accounts were compromised and that the accounts that were locked in the correction process have now been made active. The company said that the investigation is still ongoing and the attackers will be identified with a collaborative approach with appropriate authorities.

Get live Stock Prices from BSE, NSE, US Market and latest NAV, portfolio of Mutual Funds, calculate your tax by Income Tax Calculator, know market’s Top Gainers, Top Losers & Best Equity Funds. Like us on Facebook and follow us on Twitter.

Financial Express is now on Telegram. Click here to join our channel and stay updated with the latest Biz news and updates.

Next Stories
1iPhone 12 Pro, iPhone 12 Pro Max demand has apparently surpassed expectations
2Motorola says it will launch India’s most affordable 5G smartphone on November 30
3Nokia 2.4 launched in India; promises 2 years of Android OS updates and 2-day battery life