Giant company executives, politicians, and a host of other celebrities took control of Twitter accounts yesterday by unknown attackers, who then used profiles to try to extort cryptocurrency from their crowded, tens of millions of followers. The Twitter profile of Elon Musk, Bill Gates, Barack Obama, and Joe Biden, among nearly a dozen known affected accounts, also fell victim to the attack.
The Twitter team, as soon as it became aware of the incident, locked the accounts and deleted posts from fraudsters. tweets – although as Ars Technica points out, new posts by attackers have appeared under Elon Musk’s profile even after deleting previous tweets. In addition to celebrities, the targeted accounts included profiles of several Twitter employees.
SOCIAL ENGINEERING OR BREAD?
According to Twitter, the attackers managed to mislead the company's employees with a well-coordinated action based on social engineering, which is based on psychological manipulation. and obtain account credentials from them. However, according to the Motherboard, which has not yet been officially confirmed, the attackers managed to gain access to the company's internal administrators' tools and the necessary information by paying a Twitter employee, as evidenced by screenshots (also of as yet unclear authenticity).
The company is still investigating the case, which could have led to much more serious problems with simple cryptocurrency fraud. Attackers in possession of branches of government agencies or high-ranking politicians could even have caused global panic after being free to harass certain acquired profiles for hours. The case is exacerbated by the fact that the attackers also had a good chance of accessing the private messages of the targets during the action. U.S. Senator Josh Hawley also approached Twitter leader Jack Dorsey, who encouraged him to contact the FBI as well.
Of course, cryptocurrency fraud did not cause negligible damage either: in the tweets, the attackers promised on behalf of the owners of popular profiles that they would return twice the amount they transferred to the digital wallet they provided to users – and many decided, 120 followers of the accounts. an amount equivalent to a thousand dollars was transferred to the attackers. Of course, it is still recommended that all Twitter users set a strong, unique password in the service, or use two-factor login, although, as the current case shows, this does not provide secure protection against profile hacking.
UNEXPECTED PASSWORD CHANGE  Hacking Adrian Lamo's account can give a deeper insight into the course of the attack: the name of the hacker who died in 2018 may be familiar, among other things, in connection with Chelsea Manning's WikiLeaks scandal, as Lamo announced an anti-spy in 2010 about encrypted intelligence leaks. Lamo's profile has been managed since his death by a hacker known as Lucky225, who said he unexpectedly received a confirmation code from Twitter yesterday to change the password for his account, and before he could do anything with it, he received an email that turned out to be logged in with a new device. Lamo's account. The phone number associated with the profile was not changed by the attackers, so Lucky225 was able to regain control over it – at least for a while, not long after, a confirmation code was received to change the password again. However, it is possible that the latter was already a move by Twitter to block the profile under attack. The company did not provide further information on Lamo's profile.
At present, therefore, social engineering methods or the payment of a Twitter employee may have justified the attack, but the company has not yet provided official details of the investigation. Twitter's internal investigation is ongoing, during which time it also restricts its employees' access to internal systems and devices.
Gellert is Technology Editor at Counting News Media and contributor at other major tech publications. Her interests includes testing new gadgets and reading.