advertisement
advertisement

Here’s what we know about the attack on Twitter verified accounts so far

Here’s what we know about the attack on Twitter verified accounts so far
[Image: OpenClipart-Vectors/Pixabay; joshborup/Pixabay]

Late last night, an historic attack hit Twitter, which saw dozens of high-profile verified accounts being taken over. The compromised accounts included those of Bill Gates, Warren Buffett, Kanye West, Kim Kardashian, Joe Biden, Jeff Bezos, Elon Musk, Barack Obama, Uber, and Apple—among many, many others.

advertisement

Most of the accounts that were taken over soon posted messages about bitcoin. There were a few variations to the messages, but in general, they were worded to make it look like the Twitter account holder was asking followers to send them bitcoin, and in return they would then send the follower double the amount of bitcoin they sent.

Yeah, obviously a scam. Yet, more than 12 hours after the attack was first reported, we still have little information about who was behind it or how it happened. However, thanks to a few tweets from Twitter’s official support channel we can glean a few bits of information. The two most relevant tweets are as follows:

Now, let’s break these tweets down:

  • “We detected what we believe to be a coordinated social engineering attack . . .” A social engineering attack is one in which the attackers use psychological tricks and manipulation to get a person to either give direct access to an account or to give access to sensitive information that ultimately helps the attacker access the account. What this means is the attackers didn’t “hack” Twitter in the traditional sense—by using code or malware to infiltrate its systems.
  • “. . .  by people who successfully targeted some of our employees with access to internal systems and tools.” Here Twitter is saying that some of its employees who had access to (apparently critical and wide-ranging) tools were the ones who were targeted in the attack. In other words, these employees were duped into giving the attackers access to the verified accounts either directly, or by surrendering relative information that ultimately allowed the attackers access.
  • “We’re looking into what other malicious activity they may have conducted or information they may have accessed.” This line from the second tweet above is the relevant part. It means Twitter is currently uncertain whether the attack left other parts of the service vulnerable. They know the attackers tweeted on the account holders’ behalves, but it’s possible the attackers compromised Twitter or the account holders in other ways, too.

In other words, there’s a ton we still don’t know. But that doesn’t mean Twitter doesn’t know more. It’s possible they are being coy with information at the behest of government agencies, which are likely to be involved in the investigation since the attack is so high-profile, and Twitter hosts thousands of political leaders and government agency accounts.

But no matter who is behind the attack, one thing is for sure: The attack is a major embarrassment for the company. As Twitter’s CEO Jack Dorsey summed up: “Tough day for us at Twitter.”

advertisement
advertisement