Earlier, it’s been revealed that a number of high-profile Twitter accounts have been simultaneously hacked by attackers.
The bad actors hacked some accounts that had even a few million followers in order to spread a crypto scam.
The compromised accounts included Apple, Elon Musk, Joe Biden, Binance, Coinbase, and more.
The broadly targeted hack remained mysterious even hours after taking place. As it’ s been earlier addressed, the accounts posted a message that was promoting the address of a Bitcoin wallet, claiming that the amount of any payment made to the address would be then doubled and sent back.
This is a really popular crypto scam technique. As TechCrunch notes, ” Kim Kardashian West, Jeff Bezos, Bill Gates, Barack Obama, Wiz Khalifa, Warren Buffett, YouTuber MrBeast, Wendy’s, Uber, CashApp and Mike Bloomberg also posted the cryptocurrency scam.”
Our investigation is still ongoing but here’s what we know so far:
— Twitter Support (@TwitterSupport) July 16, 2020
Hacker gained access to a Twitter admin tool
Twitter first acknowledged the situation at 2:45 p.m. PT Wednesday afternoon, referring to it as a “security incident.”
We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.
— Twitter Support (@TwitterSupport) July 15, 2020
It’s been revealed that a hacker gained access to a Twitter admin tool of the company’s network that allowed they to take over some high profile Twitter accounts to spread the crypto scam.
A spokesperson on Twitter confirmed the fact that the attack was caused by “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
The hack managed to generate more than $100k in a few hours after the bad actor gained access to an internal Twitter tool which they used to take control of the Twitter accounts.
The hacker known as Kirk used the tool to reset the associated email addresses of the accounts that have been hacked and to make it really hard to gain back control.
Most accounts should be able to Tweet again. As we continue working on a fix, this functionality may come and go. We’re working to get things back to normal as quickly as possible.
— Twitter Support (@TwitterSupport) July 16, 2020
To gain control back over the accounts, Twitter suspected some account actions in an effort to stem the account hijacks.