Twitter says a spear phishing attack gave rise to bitcoin scam


Twitter provided an update about the unprecedented July 15 attack that allowed hackers to tweet from some of the most high-profile accounts in the service, A blog post And A series of tweets Published on Thursday evening. Twitter now says that some employees were targeted in a phone spear phishing attack. Although Twitter does not say, that likely means hackers called Twitter employees while they posed as colleagues or members of Twitter’s own security team, and the credentials they used to access internal systems Got to appear.

Twitter previously stated that its own tools had been compromised in the attack, but by this point, the company had not specified how it had happened. “This attack relied on a significant and concerted effort to mislead some employees and exploit human weaknesses to gain access to our internal systems,” Twitter said In a tweet From its support account.

Twitter also reiterated that the attackers targeted 130 accounts, tweeted 45, and accessed direct messages of 36, but reduced the number of accounts whose Twitter data were downloaded (including direct messages Included) 7 from “8 to”.

Twitter limited features and locked accounts for some users immediately after the attack. While many features are back, “some features (ie, accessing) Your twitter data Download facility) and processes have been affected, ”Twitter said in its blog post. company Also said It currently has “limited access” to its internal devices And is “Improving our methods to detect and prevent inappropriate access to our internal systems.”

During the attack, hackers carried out a bitcoin scam from the Twitter account of President Barack Obama, Democratic presidential candidate Joe Biden, Tesla and SpaceX CEO Elon Musk, Microsoft co-founder Bill Gates and others. The FBI has launched an investigation into the attack.

Leave a Reply

Your email address will not be published.