Last week, 130 prominent Twitter accounts were compromised in a cyber-attack that scammed over $100,000 worth of Bitcoin. The accounts compromised included cryptocurrency companies and prominent verified users, most with audiences of over 10 million.
The hacker or hackers in question posted a variation of a message detailing that if users sent bitcoin (up to $2,000), it would be sent back to them and doubled in an effort to give back to the community. With over 300 transactions, the bitcoin addresses linked received over $100,000 in BTC.
In an unprecedented move, Twitter limited the functionality of all verified users to decrease the damage of the attack. The limited functionality included the inability to tweet and reset passwords while they investigated the source of the attack.
In a series of tweets posted by the @TwitterSupport account, they attributed the attack to be “a coordinated social engineering attack” targeting internal employees. This means hacker manipulated certain internal Twitter employees to divulge confidential information that allowed the hacker to access Twitter’s internal systems to target the affected accounts. These internal systems, known as “agent tools,” allowed the hacker to bypass any two-factor authentication the accounts may have had enabled. Several techniques could have been used, from phishing emails to malware or bribery to access the confidential information.
There is a misconception that most cyber threats are due to vulnerabilities in technology. However, more than 99% of cyberattacks rely on human interaction. Rather than targeting systems and infrastructure first, cybercriminals target people whether through phishing attempts, malware, or coercion. The first step of any cybersecurity process begins with people through hiring and cybersecurity training.
As Twitter continues to investigate the source of the hack and the identity of the hacker or hackers, it is important to take a look at where their cybersecurity vulnerabilities lie. Twitter has over 330 million active users sending 500 million tweets per day, and that is just the public information. That does not take into account the number of personal and direct communications that are sent on the app daily.
As for what’s next, Twitter will be investing in better cybersecurity measures and training for their employees, and they will continue to update users of the very public hack on their blog.