Following the massive Twitter hack earlier this month that hijacked the accounts of dozens of high-profile politicians, celebrities, and businesses to peddle a cryptocurrency scam, Twitter said on Thursday, 30 July, that this was the result of a spear phishing attack.
The company said it has now "significantly limited" access to its internal tools.
What is Phishing?
A phishing attack is a fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, or trick victims into opening malicious emails or links disguised as legitimate web content.
How Did This Phishing Attack Happen?
Twitter explained in a series of tweets that the attack took place on 15 July 2020, targeting a small number of employees. This “misled certain employees and exploited human vulnerabilities to gain access” to their internal systems.
"This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems," Twitter said in a tweet.
The hacker had reportedly obtained employee credentials, with which they targeted specific employees who had access to the Twitter account’s support tools. “They then targeted 130 Twitter accounts - Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7,” a tweet read.
How is Twitter Handling This Attack?
Twitter said they have now ‘significantly limited access’ to their internal tools and systems. “Until we can safely resume normal operations, our response times to some support needs and reports will be slower,” a tweet read. The team is also constantly updating and improving to make the tools, controls and processes more sophisticated. Twitter is accelerating several of their pre-existing security work streams and improving methods for detecting and preventing inappropriate access to its internal systems.
What Was the 15 July Incident?
The 15 July security breach incident led to one of the biggest high-profile hacks with the takeover of accounts belonging to Barack Obama, Joe Biden, Jeff Bezos and many others. Apple, Uber and other businesses were also caught up in the hack. The compromised accounts were then used to promote a bitcoin scam.
Twitter said that 130 accounts were targeted in the attack, with hackers managing to tweet from 45 accounts, access the direct message inboxes of 36 accounts and download the Twitter data from seven.
Hackers appear to have netted more than $113,500 from the scam.
Cybersecurity experts believe that this incident has vast security implications.
(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)