What was the Twitter hack all about?
The Twitter accounts of some of the U.S.’s most prominent political and business leaders, from Barack Obama and Joe Biden to Bill Gates and Warren Buffett, were hacked Wednesday afternoon in an apparent effort to promote a Bitcoin scam. The high-profile accounts started tweeting a message saying any bitcoin sent to a link in the tweet will be sent back doubled, an offer the tweet said last just for 30 minutes.
Apple and Uber handles were among the first to be impacted, followed by those of Musk and Gates. In a couple of hours, it had taken over the handles of Obama, Biden, Mike Bloomberg, and Amazon founder Jeff Bezos. Around the time handles of boxer Floyd Mayweather and celebrity Kim Kardashian had been affected, Twitter locked most large verified accounts across the US and rest of the world.
However, in the four-odd hours, the tweets were live, the Bitcoin wallet promoted in the tweets received over $100,000 via at least 300 transactions.
What is Twitter saying about the incident?
Twitter’s product lead Kayvon Beykpour tweeted that their “investigation into the security incident is still ongoing”, and promised more updates from @TwitterSupport. “In the meantime, I just wanted to say that I’m really sorry for the disruption and frustration this incident has caused our customers,” he said.
In a series of tweets, @TwitterSupport acknowledged the “security incident” and informed users that they maybe be unable to tweet or reset passwords till the micro-blogging platform reviewed the incident.
About four hours after the first acknowledgment, the handle said: “Most accounts should be able to Tweet again. As we continue working on a fix, this functionality may come and go. We’re working to get things back to normal as quickly as possible.”
Twitter CEO Jack Dorsey called it a tough day for “us at Twitter”. “We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened,” he tweeted.
How did the Twitter hack happen?
The chaos began when Tesla CEO Elon Musk’s Twitter account was seemingly compromised by a hacker intent on using it to run a bitcoin scam. Microsoft co-founder Bill Gates’ account was also seemingly accessed by the same scammer, who posted a similar message with an identical bitcoin wallet address. Both accounts continued to post new tweets promoting the scam almost as fast as they were deleted, and Musk’s account in particular was still be under the control of the hacker as late as 5:56PM ET.
A spokesperson for Gates tells Recode’s Teddy Schleifer, “We can confirm that this tweet was not sent by Bill Gates. This appears to be part of a larger issue that Twitter is facing. Twitter is aware and working to restore the account.”
Shortly after the initial wave of tweets from Gates and Musk’s accounts, the accounts of Apple, Uber, former President Barack Obama, Amazon CEO Jeff Bezos, Democratic presidential candidate Joe Biden, hip-hop mogul Kanye West, and former New York City mayor and billionaire Mike Bloomberg, among others, were also compromised and began promoting the scam.
According to Twitter Support, the “coordinated social engineering attack” was executed by people who “successfully targeted some of our employees with access to internal systems and tools”. “We know they used this access to take control of many highly-visible (including verified) accounts and Tweets on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” another tweet said. Twitter said that even as it has limited functionality of the affected accounts, it also restricted access to internal systems and tools.
So far, Twitter has confirmed that employee tools were used in the hack, but not which ones or more than a theory as to how hackers might have gotten access. They also confirm that the vulnerability that has been exploited was within the Twitter systems and not on the user side.
What are implications of this security incident?
The implications are huge given the fact that the most powerful and popular accounts have been hacked. Given the influence Twitter has over political conversations globally, and in the US in particular, the verified handles of so many politicians being compromised at the same time does not augur well for the platform.
At least one Senator, Josh Hawley from Missouri, has written to Twitter CEO Jack Dorsey asking for an explanation once the problem has been fixed. Twitter will have some explaining to do to the American political establishment in the coming days.
The incident is also critical because it has happened in an election year. Last elections, the conversation in the US was also about social media being manipulated for political gain.
This new scenario has also shown that social media giants could be more vulnerable than before.
Also Read : News Highlights From July 2020