Twitter has completed its research for 130 hacked accounts on its social network and discovered that the hackers behind the crypto scam had accessed the direct messages of as many as 36 high-profile accounts, including one elected official in the Netherlands.
The hackers who took over the accounts of around 130 people in an apparent bitcoin scam were able to access 36 direct message inboxes, including one of the Netherlands’ politicians. However, the company did not believe that any other elected official DMs were affected.
Still, direct messages of all these affected accounts could contain non-public information or photos sent from or to major figures. The hackers could use or publicize at a later point in the future. Yet, we did not get to see or hear any incident related to such an information breach.
Last week hackers gained control over a series of Twitter accounts and spread the messages claiming that “we are giving back to our community” and then directing the audience to cryptoforhealth.com. This website was the focal point of the day’s original scam attempts.
The messages further claim that if people send the Bitcoins to the specified web address, in return, they will get double the amount. If they contribute more than a certain threshold, they will even get a bonus.
Below are the screenshots of some of the hacked accounts and the messages sent from them. Twitter has removed these tweets now.
The tweets somehow successfully trapped a few people who sent them valuable cryptocurrency. However, they did not get anything in return for the next 30 minutes and ever. Meanwhile, Twitter attempts to contain the account breaches to prevent more scammy messages from being spread.
Twitter temporarily disabled the verified accounts from tweeting and asked the owners of all those accounts to either have the temporary accounts or wait until the company completely fixes the problem. Meanwhile, Twitter took down all the tricky tweets and kept on putting efforts to get the situation under control.
Twitter engineers were under social engineering attack
The company has confirmed that some of its employees were targeted with sophisticated social engineering attacks, making anonymous sources allegedly taking over some of the accounts and got access to the company’s internal systems and tools.
The hackers then got access to the control panel, that only certain Twitter employees have access to, and changed the email addresses of specific Twitter accounts. By changing the information, the hackers became the owners of all those accounts. It is not confirmed why the hackers did so. However, a resource claims that hackers paid the Twitter representative who did “all the work” for them.
Hackers got a lot from cryptocurrency scam
TechCrunch got the information from an unknown resource, claiming that a hacker known as “Kirk” was behind the whole crypto scam. He has generated “over $100,000” in a matter of hours. The report also says that Kirk started selling out the stolen usernames with millions of followers, which can earn him handsome money, anywhere between a few hundred dollars to thousands of dollars.
The hacking of various known accounts has raised many questions related to Twitter’s security, especially at the time of the 2020 Presidential election in November. Twitter has started the investigation whether its rep hacked the accounts himself or gave the hackers access to the company’s systems and tools.