Twitter hackers read private messages of 36 high-profile accounts

Twitter today admitted that the attackers behind last week's incident read the private messages of 36 out of a total of 130 high-profile accounts targeted in the attack.

Among these, the hackers also accessed the Twitter inbox of Geert Wilders, a Dutch elected official and the leader of the Party for Freedom (PVV).

Twitter also said in a blog update that it found no other indications that "any other former or current elected official had their DMs accessed."

After the attack, U.S. Senator Ron Wyden tweeted about a conversation he had with Twitter CEO Jack Dorsey two years ago, with Dorsey telling Wyden that the company was working on end-to-end encrypted direct messages.

As the U.S. Senator said, "[i]f hackers gained access to users' DMs, this breach could have a breathtaking impact for years to come."

The company's investigation previously found that the hackers took control of 130 accounts using tools only available to Twitter internal support teams after getting their hands on the credentials of a number of Twitter employees.

The attackers used the accounts they took over to push a massive Bitcoin scam which allowed to collect almost $120,000 worth of bitcoins.

Earlier this week, Coinbase said that it blocked its customers from sending roughly $280,000 to the Twitter hackers on top of the $120K by blacklisting the Bitcoin addresses used in the scam within minutes after the attack started.

"For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets," Twitter added. "In addition, we believe they may have attempted to sell some of the usernames."

"For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account’s information through our 'Your Twitter Data' tool," none of these being verified accounts.

Twitter immediately blocked the hijacked accounts from resetting their user passwords and from tweeting after detecting the attack, and, three hours later, it restored tweeting functionality to the impacted accounts.

The company also stated that it discovered no evidence of the intruders gaining access to the affected accounts' passwords and that they will not be reset.

The Twitter accounts of multiple tech companies (@Apple and @Uber), several tech executives, celebrities, and politicians (@JeffBezos, @BarackObama, @elon_musk, @kanyewest, @JoeBiden, @BillGates, and @WarrenBuffett), and crypto exchanges (@coinbase, @Gemini, and @binance) are some of the 130 used by the hackers to promote their Bitcoin scam.

Twitter's investigation and cooperation with law enforcement continue at the moment with a forensic review of all accounts targeted in the attack.

Related Articles:

X hacking spree fuels "$HACKED" crypto token pump-and-dump

New ShrinkLocker ransomware decryptor recovers BitLocker password

Suspect behind Snowflake data-theft attacks arrested in Canada

New tool bypasses Google Chrome’s new cookie encryption system

New Qilin ransomware encryptor features stronger encryption, evasion