Following this week’s earlier attack on Twitter, which saw a number of high-profile accounts taken over by scammers, the company has released a little more information about the incident. The attack took place on Wednesday, which saw many verified accounts taken over, with tweets then posted asking the account’s followers to send them bitcoin in return for double the amount of the cryptocurrency sent.
Yesterday, Twitter’s support account revealed that it believed the attack was carried out by an individual or group using social engineering on Twitter employees to gain access to internal company tools, which allowed them to take over the high-profile accounts. Accounts compromised included Joe Biden, Jeff Bezos, Elon Musk, Barack Obama, Bill Gates, Warren Buffett, Kanye West, Kim Kardashian, and more.
Based on what we know right now, we believe approximately 130 accounts were targeted by the attackers in some way as part of the incident. For a small subset of these accounts, the attackers were able to gain control of the accounts and then send Tweets from those accounts.
— Twitter Support (@TwitterSupport) July 17, 2020
Today, Twitter’s official support account has revealed a few more details about the attack. It says that “approximately 130 accounts were targeted” in the attack. It also confirmed that the attackers were able to post tweets from “a small subset of these accounts.” As of yet, however, Twitter is not sure whether nonpublic data associate with the account was also compromised. Nonpublic data could include personal data in a Twitter user’s settings as well as their direct messages and passwords.
The FBI is also now involved with Twitter’s investigation due to high-profile politicians and business leaders being targeted in the attack, according to the Wall Street Journal. And as CNBC reports, Elliptic, a blockchain analysis firm, says that some people did actually fall for the bitcoin scam. Elliptic says the attackers received $121,000 in bitcoin from over 400 payments.