The Twitter hack that compromised accounts of prominent users like Barack Obama, Joe Biden Elon Musk was the result of a targeted “phishing attack” against its employees, the social media giant revealed in a statement. The scammers underwent a “significant and concerted” effort to target specific employees with access to Twitter support tools to successfully take over 45 accounts. The scammers sent out tweets from many accounts of prominent personalities seeking bitcoins.
Attackers targeted a small number of employees through a phone spear-phishing attack.
The social media giant revealed in a report that the attackers targeted a small number of employees through a phone spear-phishing attack on 15th July. This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to the internal systems, the company said. Earlier, the New York Times had reported that the hack was apparently carried out by four young adult gamers, including a 19-year-old who lives with his mother, as a prank devoid of any ideological motivation. Along with putting out tweets seeking bitcoins, the hackers also managed to access the DM inbox of 36 accounts and downloaded the Twitter data for seven accounts.
Twitter has significantly limited access to its internal tools and systems.
The microblogging platform wrote in its statement that it is still not comfortable returning to normal operations. The company has limited access to internal tools until it feels it has properly safeguarded its backend. The company further mentioned that while these tools, controls, and processes are constantly being updated and improved, they are taking a hard look at how the company can make them even more sophisticated. Twitter mentioned that it has significantly limited access to its internal tools and systems. The Federal Bureau of Investigation is also looking into the Twitter hack that happened earlier this month.