Twitter Breached: Major Accounts Hacked for Bitcoin Scam

20 July, 2020 (Monday)

On Wednesday, the 15th of July, in the USA, around 130 high-profile Twitter accounts were hacked and were involved in a massive Bitcoin scandal. Business accounts like

as well as influential people such as  among the many accounts that were hacked. They collectively had over 90 million followers. These accounts were used to promote a common cryptocurrency site where over $100,000 was sent to a Bitcoin wallet via at least 300 transactions. 


On Thursday, through a series of tweets, Twitter announced that, after the security breach, the lack of evidence that the hackers had obtained the passwords to these accounts forced it to lock down compromised user accounts and block new tweets from verified accounts.

 

Twitter CEO Jack Dorsey tweeted, “Tough day for us at Twitter. We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened”.

“Out of an abundance of caution, and as part of our incident response yesterday to protect people’s security, we took the step to lock any accounts that had attempted to change the account’s password during the past 30 days,” Twitter said. “As part of the additional security measures we’ve taken, you may not have been able to reset your password. Other than the accounts that are still locked, people should be able to reset their password now.”

On Friday, Twitter found that for 45 of the targeted accounts, the attackers were able to initiate a password reset, log in to the account, and send Tweets. According to Twitter, for eight of the accounts involved, the attackers also downloaded the account’s information through Twitter’s “Your Twitter Data” tool (https://help.twitter.com/en/managing-your-account/accessing-your-twitter-data). This tool provides an account owner with a summary of their Twitter account details and activity. None of these eight accounts were verified.

Twitter announced that it is working on helping people regain access to their accounts, since many high-profile accounts, including news organisations, were locked out of their accounts by Thursday morning. Twitter confirmed that this was a coordinated social engineering attack in which the perpetrators had access to Twitter’s internal systems and tools. Currently, the FBI is investigating the matter. In a tweet, Twitter’s support team said that it hopes its transparency and openness during the attacks and the steps taken to prevent further attacks like this are a step in the direction of making things right.