James Delahunty
15 Jul 2020 22:59
Twitter is investigating a coordinated social engineering attack targeting its employees which resulted in high profile accounts being compromised.
A number of high-profile Twitter accounts with a lot of followers were seemingly compromised on Wednesday and used to advertise a cryptocurrency scam. Accounts belonging to former U.S. President Barack Obama, entertainer Kanye West, billionaire Elon Musk, Bill Gates, and others were caught in the event.
Each was used to tweet about a bogus giveaway. It promised that anyone who sent $1,000 to a Bitcoin address would receive $2,000 back, dressed up as a giveaway to the community because of the COVID-19 pandemic. According to reports based on publicly available blockchain records, the scammers involved received over $100,000 in transactions.
Twitter responded to the incident promptly and stopped all verified accounts from tweeting at all. Later, it restored access to many of the accounts but for the time being, is keeping compromised accounts blocked.
So how did this happen? So far Twitter has determined that there was a coordinated social engineering attack aimed at its employees. These employees were targeted because they had access to Twitter's internal systems and tools. A social engineering attack targets an unpatchable vulnerability in security systems: the human. It is essentially the act of tricking someone with access into doing what the attacker wants. For example, if Twitter employees were conned into believing an attacker was part of the company itself, they may have granted access or handed over sensitive information under false pretenses.
Twitter has not yet gone into detail on exactly what happened and is probing for signs of other malicious activity that may have been at play during this incident.