Twitter says the massive attack was caused by spear-phishing and reports a new data about the cyber attack that it suffered on July 15.
The social network said on July 30 through its support blog that the massive attack with which hackers hijacked the accounts of public figures such as Jeff Bezos and Elon Musk and the bitcoin scam was the result of a spear-phishing attack.
How did hackers carry out a spear-phishing attack on Twitter?
In order to carry out the attack, the hackers needed access to the credentials of Twitter employees who had permissions to use account support and administration tools. For this reason, the social Twitter says the massive attack was based on a type of scam known as phishing that usually comes in the form of a file or link, usually hidden in the middle of emails, making it difficult for security software to detect.
- How to schedule tweets, without installing anything on Twitter?
- Twitter tests a button to limit who can reply you
“Not all employees who were initially attacked had permissions to use account management tools, but attackers used their credentials to access our internal systems and obtain information about our processes,” explains Twitter and adds: ”
“This allowed them to target additional employees who had access to our account support tools.”
The platform recently acknowledged that hackers also downloaded the data from up to eight of the 130 compromised accounts through its own social network tool that allows users to download their direct messages, photos, videos, address books and other data such as demographic and interest information. He also reported that the attackers were able to access the inboxes of 36 these accounts.
Due to the high profiles of affected users on Twitter, the FBI recently opened a formal investigation against Twitter over national security concerns. The FBI seems concerned that the vulnerabilities that led to the coordinated attack could be used for more than just a bitcoin scam.
As a result of the hack, the platform has taken some drastic measures despite denying at all times that the passwords have been leaked. The social network reported on July 16 that it took the step of blocking all users who had changed (or had tried to change) their password in the past 30 days.