By: Brianna Zhang
A Twitter hacking scheme targeted well-known accounts. As the company struggles to find the attackers, the public questions Twitter's cybersecurity vulnerability.
Many influential accounts were the target of the attack. Some victims of the hack ranged from Joe Biden, Bill Gates, Barack Obama, Kim Kardashian, and many others.
Twitter announced in a tweet, "Based on what we know right now, we believe the attackers targeted approximately 130 accounts in some way as part of the incident." These hackers were able to control these accounts and send an array of hateful tweets and scams.
One example is a simple bitcoin scam sent to the public. Each tweet said how they were "giving back to the community" by doubling any bitcoin sent. According to Chainalysis, a company that tracks cryptocurrency movement, the hackers finished with 120,000 dollars from 518 transactions in only 30 minutes.
Forensic investigators conclude that the hacker was someone inside Twitter's walls. One of the employee's accounts and credentials was taken over and used to gain access to the internal dashboard.
Investigators contemplate either two possibilities. First, the attackers could've tricked an employee into handing over their information. Posing as a trusted company representative, they could've used this strategy to access their account and credentials. Second, Twitter suggested that the employee might've been bribed into handing their credentials over.
Twitter is still trying to find the extent of the damage. "What you saw on Wednesday was probably not the end of the incident," said Alon Gal, a chief technology officer of Hudson Rock, investigating the hack. "If they got access to direct messages, this isn't over."
Through all of this, questions arise on how Twitter did not have a better safeguard to monitor suspicious activity or employee accounts. Another of the company's internal systems functions and how one employee can give access to everything, especially high-profile accounts.
Twitter is still trying to find the attackers and the extent of the damage. Meanwhile, they are working to patch the vulnerable holes in their cybersecurity and the trust of the hackers victims.
Sources: