Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319


Massive Twitter hack was caused by spear-phishing attack

Image Description

Twitter believes a targeted spear-phishing attack allowed hackers to gain entry to its internal systems on July 15, leading to the compromise of a number of high-profile accounts.

Various reports suggested a malicious insider might be responsible for the Twitter hack, but it now appears attackers hoodwinked specific employees with access to account administration tools into handing over their credentials.

In a traditional phishing attack, scammers send out a fraudulent email en masse in a bid to harvest as many login credentials as possible. In a spear-phishing attack, however, hackers adopt the identity of a person known to the target individual (e.g. a manager or friend), increasing the likelihood of success.

“The attack on July 15 targeted a small number of employees through a phone spear phishing attack. This attack relied on a significant and concerted effort to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” reads a thread from Twitter Support.

The social media firm claims it is investigating ways of safeguarding against these kinds of attacks in future and has limited access to internal tools and systems until normal operations can be safely resumed.

Twitter hack

The Twitter hack affected 130 accounts in all, including those owned by Bill Gates, Jeff Bezos, Barack Obama and other influential figures.

The hackers tweeted from 45 of these accounts - which were used to peddle a cryptocurrency scam -  accessed the direct messages of 36 and downloaded data relating to 7.

“We are giving back to our community. We support Bitcoin and we believe you should too! All Bitcoin sent to our address below will be sent back to you doubled! Only going on for the next 30 minutes,” read a tweet posted to the Apple Twitter account, which was also hijacked.

Similar messages were published across all compromised accounts, netting the scammers upwards of $100,000 in bitcoin. The figure could have been far greater, however, had cryptocurrency exchange Coinbase not blocked a further $280,000 worth of payments to the wallet address.

Twitter, for its part, immediately locked all verified accounts (even those that were not compromised) and also limited certain feature sets in a bid to contain the incident.

“We’re accelerating several of our pre-existing security workstreams and improvements to our tools. We are also improving our methods for detecting and preventing inappropriate access to our internal systems and prioritizing security work across many of our teams,” said Twitter.

“This was a striking reminder of how important each person on our team is in protecting our service. We take that responsibility seriously and everyone at Twitter is committed to keeping your information safe.”


31 Jul 2020



Other Blog

  • Netgear might have revealed its most secure router software yet

    Netgear routers will now ship with a new version of its Armor security service designed to better secure smart home devices.

    Read More
  • Google backs down on controversial Chrome feature

    Google is giving up on its experiment to only show domains in Chrome after first testing out the feature last year.

    Read More
  • Nvidia GTX 1080 Ti could be the next GPU to make an unexpected comeback

    Four-year-old Pascal GPU could be resurrected to help fight RTX 3000 stock shortages

    Read More
  • Motorola is once again trying to make your phone into a PC

    A decade after the Atrix 4G Laptop Dock, Motorola is once again trying its luck with a smartphone that can act as a PC.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us