Twitter today admitted that the attackers behind last week's incident read the private messages of 36 out of a total of 130 high-profile accounts targeted in the attack.
Among these, the hackers also accessed the Twitter inbox of Geert Wilders, a Dutch elected official and the leader of the Party for Freedom (PVV).
Twitter also said in a blog update that it found no other indications that "any other former or current elected official had their DMs accessed."
After the attack, U.S. Senator Ron Wyden tweeted about a conversation he had with Twitter CEO Jack Dorsey two years ago, with Dorsey telling Wyden that the company was working on end-to-end encrypted direct messages.
As the U.S. Senator said, "[i]f hackers gained access to users' DMs, this breach could have a breathtaking impact for years to come."
While it’s still not clear if the hackers gained access to Twitter DMs, this is a vulnerability that has lasted for far too long and isn't present in other competing platforms. If hackers gained access to users' DMs, this breach could have a breathtaking impact for years to come.
— Ron Wyden (@RonWyden) July 16, 2020
The company's investigation previously found that the hackers took control of 130 accounts using tools only available to Twitter internal support teams after getting their hands on the credentials of a number of Twitter employees.
The attackers used the accounts they took over to push a massive Bitcoin scam that allowed them to collect almost $120,000 worth of bitcoins.
Earlier this week, Coinbase said that it blocked its customers from sending roughly $280,000 to the Twitter hackers on top of the $120K by blacklisting the Bitcoin addresses used in the scam within minutes after the attack started.
"For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets," Twitter added. "In addition, we believe they may have attempted to sell some of the usernames."
"For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account's information through our 'Your Twitter Data' tool," Twitter said, adding that none of these were verified accounts.
To recap:
130 total accounts targeted by attackers
45 accounts had Tweets sent by attackers
36 accounts had the DM inbox accessed
8 accounts had an archive of “Your Twitter Data” downloaded, none of these are Verified
— Twitter Support (@TwitterSupport) July 23, 2020
Twitter immediately blocked the hijacked accounts from resetting their user passwords and from tweeting after detecting the attack, and, three hours later, it restored tweeting functionality to the impacted accounts.
The company also stated that it discovered no evidence of the intruders gaining access to the affected accounts' passwords and that they will not be reset.
The Twitter accounts of multiple tech companies (@Apple and @Uber), several tech executives, celebrities, and politicians (@JeffBezos, @BarackObama, @elon_musk, @kanyewest, @JoeBiden, @BillGates, and @WarrenBuffett), and crypto exchanges (@coinbase, @Gemini, and @binance) are some of the 130 used by the hackers to promote their Bitcoin scam.
Twitter's investigation and cooperation with law enforcement continue at the moment with a forensic review of all accounts targeted in the attack.