By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Security Parrot - Cyber Security News, Insights and ReviewsSecurity Parrot - Cyber Security News, Insights and Reviews
Notification
Latest News
Twilio was hacked: Credentials stolen from Twilio employees.
August 10, 2022
Chinese hackers attack defense companies and government agencies in Russia and Eastern Europe
August 10, 2022
US authorities imposed sanctions on the cryptocurrency mixer Tornado Cash
August 10, 2022
Microsoft: Windows devices on new CPUs can corrupt data
August 10, 2022
Microsoft will improve the security of Edge when working with less popular sites
August 10, 2022
Aa
  • News
  • Security Insider
  • Tutorials
Reading: Twitter Hack Meltdown: phishing is the culprit
Share
Security Parrot - Cyber Security News, Insights and ReviewsSecurity Parrot - Cyber Security News, Insights and Reviews
Aa
Search
  • News
  • Security Insider
  • Tutorials
Follow US
Security Parrot - Cyber Security News, Insights and Reviews > News > Twitter Hack Meltdown: phishing is the culprit
Twitter
News

Twitter Hack Meltdown: phishing is the culprit

Last updated: 2020/08/02 at 8:49 PM
Jim Koohyar Biniyaz Published August 3, 2020
Share
Twitter
SHARE

The Twitter hack meltdown that happened a few week ago which has made the news everywhere and involved the profiles of celebrities and politicians alike has finally been unraveled.

Contents
What has been doneTwitter Hack: Better late than never

Apparently the initial “in” for the Criminal Hacker was a mobile spearfishing attack targeting a small number of employees.

The takeover of these account was all in the name of pushing out a Bitcoin scam, which allegedly netted over 100 thousand dollars.

Twitter, to clarify the situation, posted a blog on the incident.

“The social engineering that occurred on July 15, 2020, targeted a small number of employees through a phone spear phishing attack. A successful attack required the attackers to obtain access to both our internal network as well as  specific employee credentials that granted them access to our internal support tools“, the company admitted.

“Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes. This knowledge then enabled them to target additional employees who did have access to our account support tools. Using the credentials of employees with access to these tools, the attackers targeted 130 Twitter accounts, ultimately Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7″. 

In short a full blown account takeover and compromise of some of their employees…

What has been done

Since the attack Twitter has said that “we’ve significantly limited access to our internal tools and systems to ensure ongoing account security while we complete our investigation. As a result, some features (namely, accessing the Your Twitter Data download feature) and processes have been impacted”.

On top of that, the company has admitted that the cyber attack has somewhat affected its ability to respond to customer support needs and to other various issues like “reported Tweets, and applications to our developer platform”.

All of this in the name of making durable changes to their processes and tooling as a result of the incident.

Twitter is promising an increase in it’s security protocols, techniques and mechanisms. “it’s how we work to stay ahead of threats as they evolve”, they said.

Twitter Hack: Better late than never

One of the measures implemented will be a company wide Cyber awareness training course, with a particoular focus on phishing and other social engineering scams.

“We will continue to share updates and precautionary steps we take so that others can learn from this, too. We recognize the trust you place in us, and are committing to earning it by continued open, honest and timely updates anytime an incident like this happens”. 

So, in short, “we are licking our wounds we will behave form now on”.

Jim Koohyar Biniyaz August 3, 2020
Share this Article
Facebook Twitter Email Copy Link Print
What do you think?
Love0
Happy0
Joy0
Surprise0
Embarrass0
Sad0
Cry0
Angry0
Dead0

You Might Also Like

News

Twilio was hacked: Credentials stolen from Twilio employees.

August 10, 2022
News

Chinese hackers attack defense companies and government agencies in Russia and Eastern Europe

August 10, 2022
News

US authorities imposed sanctions on the cryptocurrency mixer Tornado Cash

August 10, 2022
News

Microsoft: Windows devices on new CPUs can corrupt data

August 10, 2022

© 2022 Parrot Media Network. All Rights Reserved.

  • Home
  • About Us
  • Contribute
  • Privacy Policy
  • Terms and Conditions

Removed from reading list

Undo
Go to mobile version
Welcome Back!

Sign in to your account

Lost your password?