
Coordinated social engineering attack has hit us: Twitter (2nd Ld)

San Francisco, July 16 (IAN) Facing the worst-ever scam in the history of social media, Twitter on Thursday acknowledged that hackers had taken control of its internal systems and tools, making over $100,000 in a bitcoin scam (the figure was still growing) after hijacking several high-profile Twitter accounts.

The cybercriminals sent bogus tweets from the accounts of high-profile people like Joe Biden, Barack Obama and Mike Bloomberg, tech billionaires including Jeff Bezos, Bill Gates and Musk, and companies including Apple and Uber, offering to send $2,000 for every $1,000 sent to a bitcoin address.

Twitter later admitted its internal systems were compromised.

“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” tweeted Twitter Support.

“We know they (hackers) used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf,” it added.

Celebrities like Kanye West and his wife, Kim Kardashian West, were also hacked.

According to media reports, blockchain records revealed that the scammers had received more than $100,000 worth of cryptocurrency, and the scam was still ongoing.

Twitter said it was looking into what other malicious activity the hackers may have conducted or “information they may have accessed and will share more here as we have it”.

Some experts said it seemed probable that hackers had access to Twitter’s internal infrastructure.

“It is highly likely that the attackers were able to hack into the back end or service layer of the Twitter application,” Michael Borohovski, director of software engineering at security company Synopsys, was quoted as saying in media reports.

To mitigate the impact, Twitter said it immediately locked down the affected accounts and removed Tweets posted by the attackers.

It also limited functionality for a much larger group of accounts, such as all verified accounts (even those with no evidence of being compromised).


