Last week hundreds of millions of people saw fraudulent tweets coming from some of the most influential Twitter users. The messages sent in the social network were inviting hundreds of millions of followers to send cryptocurrency funds to a Bitcoin address. The promise was that the celebrities would send back double the funds. So, users were expecting to transfer $1,000 worth of Bitcoin and then receive $2,000. Of course, this was a well-executed scam.
The cyber-criminals attacked the profiles of approximately 130 celebrities and managed to get control over 45 accounts. The bad actors managed to send fraudulent tweets from high-profile accounts of many that include Joe Biden, Elon Musk, and Barack Obama. Jeff Bezos and Kanye West were also among the affected. Twitter took immediate action to temporarily disable all verified users in the social network from tweeting while the incident is investigated. They also tweeted from the official Twitter support profile that they are aware of a security incident impacting some of the verified accounts on Twitter, and they are investigating and taking steps to fix it.
It did not take Twitter that long to get things back in order as they took immediate action after the hack was discovered. However, even though Twitter acted relatively quick, Business Insider states that the hackers have probably made off with at least $120,000. The three Bitcoin wallets used by the hackers have now been emptied. The money will likely be split into smaller amounts, making it even harder for authorities to trace the attackers.
According to a statement released by Twitter three days after the incident, the attackers managed to take advantage of multiple Twitter employees who had fallen victims of a sophisticated social engineering scheme. According to the same statement, the cybercriminals manipulated their way into getting Twitter employees to perform actions that accidentally divulged confidential information used by the hackers.
It is currently unknown who is behind the attack. Twitter has been able to connect the attack to at least one Twitter account on the platform, that is now suspended. Cyber researchers quoted by BBC believe that the hackers might have had access to the back end of Twitter for approximately two days before the incident occurred. It is currently unknown if the hackers have managed to steal any additional information from the profiles. Still, Twitter does not exclude the fact that cybercriminals might have had access to the affected profiles’ private messages.
Twitter said that they are actively working on communicating with the account holders affected by the security breach. They also said that they are cooperating with law enforcement and are continuing the investigation. Last but not least, the social media network is working on further securing its systems to prevent further attacks. Even though that Twitter employees most likely pass rigorous phishing exercises all the time, hackers sometimes find loopholes and exploit them. It is crucial for businesses and individuals always to be prepared by practicing common sense and having proper antivirus software installed on all connected devices.