fbpx
Sunday, May 5, 2024
Latest:

Johor Business Network

All about Johor Business

Technology 

New details emerge in the Twitter hack that took over more than 100 accounts last week, including those of Bill Gates, Barack Obama, and Elon Musk

editor

As the dust settles from one of the biggest hacks in Twitter’s history last week, investigators inside and outside the company are still trying to understand what happened.

The hack compromised some of the most prominent accounts on Twitter last Wednesday, including Barack Obama, Kim Kardashian, Bill Gates, and Elon Musk. The compromised accounts repeatedly posted fraudulent messages urging people to send bitcoin to a specific address. After more than two hours of mayhem, Twitter stopped the messages by blocking all verified accounts from posting tweets. But damage to the company’s reputation was already done, and Twitter saw $1.3 billion in market value wiped out in premarket trading the next day.

Twitter disclosed new findings about the hack in a blog post published over the weekend. It said that 130 accounts were accessed by the hackers in total, and added that the perpetrators downloaded data from eight of those accounts.

“We’re embarrassed, we’re disappointed, and more than anything, we’re sorry,” the company said in the blog post Saturday. “We know that we must work to regain your trust, and we will support all efforts to bring the perpetrators to justice.”

But Twitter has not yet publicly identified who might have been behind the hack. It’s now the subject of investigations launched by the FBI and New York State regulators. Congressional lawmakers have also sent questions to Twitter demanding more information about the nature of the attack.

Looming unanswered questions include how the hackers gained access to the Twitter accounts, the hackers’ motives, and whether Twitter has patched the vulnerabilities in question. Hackers appear to have pilfered over $100,000 through bitcoin sent to the wallet linked in the fraudulent tweets, but cybersecurity experts noted that hackers could have leveraged far more money if they had used compromised accounts in other ways, like playing the stock market. Experts have also questioned whether another attack could be imminent.

How the hack might have happened

Theories are still swirling about the specifics of the hack, but a few central facts have come into focus in the days that followed.

For one, it seems clear that hackers took over the accounts after gaining access to an internal dashboard meant for Twitter employees. The tool, the existence of which was first reported by Motherboard, apparently allowed hackers to take over accounts by changing their associated email addresses without notifying their owners.

And screenshots obtained by security researchers and shared with Business Insider show people discussing the internal tools in hacker forums in the days leading up to the attack. One person posted in the forum claiming that they could change the email address of any Twitter account for prices ranging from $250 to $3,000.

Twitter said last week that hackers targeted Twitter employees with a “social engineering” scheme in order to gain access to the internal dashboard, but it’s not clear whether or not a Twitter employee was aware of hackers’ plans prior to the hack. Hundreds of Twitter employees have access to the tools in question, former employees told CNN.

Since then, reports have suggested that the people discussing the hacks on the forums were relatively unsophisticated hackers. The New York Times reported Friday that the hack was carried out by a group of young people, citing interviews with people involved in the hack. Security researcher Brian Krebs traced the identity of one of the forum posts to a 21-year-old British man who may have been involved in the hack.

It’s still unclear whether Twitter has adequately patched the vulnerability in order to prevent a similar hack in the future. Twitter said its “next steps” include securing its systems and rolling out company-wide training to guard against social engineering schemes, and the company promised transparency as investigations into the hack continue.

“Through all of this, we also begin the long work of rebuilding trust with the people who use and depend on Twitter,” the company said.

Source: BusinessInsider

You May Also Like

Battle for Bloodborne PS5 Enters New Phase as Modders Port 60fps Patch to Retail Hardware – Push Square

johorbiznet

Cyber Protocol – Launch Trailer – Nintendo Switch – Nintendo

johorbiznet
Facebook suspends thousands of apps but user impact unclear

Facebook suspends thousands of apps but user impact unclear

editor