Skip to main content

Twitter says up to 8 accounts had all their data downloaded during its giant hack suggesting the hackers were after more than just Bitcoin

* Twitter gave an update late on Friday on its investigation into the highly visible hack of dozens of verified accounts on Wednesday. * Twitter said 130 accounts were targeted, of which 45 had their passwords reset and tweets sent by the hackers. * Up to eight accounts also had their data fully downloaded by the hackers. None were Verified accounts, the company said. * Visit Business Insider's homepage for more stories. The hackers who hijacked dozens of high-profile Twitter accounts this week may have had a second, less visible purpose. The hack took place on Wednesday when the hackers successfully gained access to accounts belonging to public figures, including Barack Obama, Joe Biden, Elon Musk, Bill Gates, and Kim Kardashian, as well as some company accounts like Apple and Uber. Hijacking these accounts, the hackers tweeted out a Bitcoin scam, asking followers to send Bitcoin to a specific wallet address and promising to send back double the amount. Twitter said on Friday that it believed 130 accounts were affected by the hack, and that only a "small subset" actually tweeted anything. Later that same day in a blog post, Twitter offered some more detail. "As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets," Twitter said. But sending tweets to a Bitcoin scam doesn't appear to have been the hackers' only objective. Out of the 130 compromised accounts, Twitter says up to eight had their data fully downloaded by the hackers using the "Your Twitter Data" tool, allowing users to download all the data relating to their account, including their private messages. Twitter said none of these eight accounts were verified, suggesting they may not have been any of the high-profile celebrity or company accounts that tweeted links to the Bitcoin scam. However, some of the hijacked accounts were popular but unverified accounts (e.g. the popular @TheTweetOfGod). Twitter gave no details on which accounts these were or what they might have in common. Numerous reports have linked the attack with a community of hackers obsessed with so-called "OG" accounts with super-short Twitter handles. Cybersecurity journalist Brian Krebs reported that hours before the Bitcoin links started being tweeted on Wednesday, a handful of OG accounts, including "@6," were also hijacked. How did they do it Twitter also provided more detail about how the hackers managed to crack into its systems. Twitter said the hackers had managed to gain access to an internal company tool using a "coordinated social engineering attack," on Wednesday. Social engineering is a term which means hackers manipulate, trick, or convince their target to hand over access to a system, rather than technically hacking. "The attackers successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems, including getting through our two-factor protections," Twitter said in its Friday blog. It did not say how the employees were manipulated. On Thursday, Motherboard reported that a source who took part in the hack claimed the attackers paid a Twitter employee. In its blog, the company said it would be implementing extra training to guard against social engineering. Twitter says it is still investigating the attack and is working with law enforcement. The FBI is looking into the hack. The company said it is also restoring access to the account holders who were locked out while it sought to reestablish control of the situation. At least one affected account appears to have gone back to its owner, as Tesla's Elon Musk started tweeting again late on Friday. SEE ALSO: Twitter says 'social engineering' led to the massive hack that targeted high-profile accounts like Barack Obama and Jeff Bezos. Here's what the technique involves and how to avoid it. Join the conversation about this story » NOW WATCH: Why thoroughbred horse semen is the world's most expensive liquid
https://bit.ly/2WA6YQn

Popular posts from this blog

PayPal parts with top advertising executive after shifting its marketing strategy during the pandemic

* PayPal's chief creative officer Steve Simpson, its top advertising executive, left the company after about a year. * The move came after PayPal shifted its marketing strategy during the coronavirus pandemic, placing less emphasis on the brand and more on catering to small businesses, said a source with direct knowledge of the marketing operation. * Simpson's departure followed that of CMO and former Apple executive Allison Johnson in May. Both "decided to leave PayPal" as the company streamlines its global marketing functions, according to a PayPal spokeswoman. * Visit Business Insider's homepage for more stories. PayPal's highest-ranking ad executive Steve Simpson left earlier this month after just over a year as part of a restructuring of its global marketing business. Simpson, who was chief creative officer, was hired to make high-minded ad campaigns to help PayPal stand out from competitors like Square, Stripe, and Apple Pay. But this strategy chan...

TikTok confirms it will sue the US government, alleging Trump failed to provide 'due process' before issuing ban

* TikTok confirmed Saturday that the company planned to sue the US government over President Donald Trump's executive orders targeting the popular app. * A company spokesperson said TikTok experienced "a lack of due process as the administration paid no attention to facts and tried to insert itself into negotiations between private businesses." * TikTok, which has surged in popularity over the past year, was known as Musical.ly until it was purchased by the Chinese company ByteDance in 2017 and renamed. * The president on August 6 and August 14 signed executive orders targeting TikTok.  * Visit Business Insider's homepage for more stories. TikTok on Saturday announced it plans to sue the US government over President Donald Trump's executive orders pertaining to its ownership, arguing the company was deprived of its due process rights. The president, who began targeting TikTok in July, issued an executive order August 6 making it illegal for American compani...

A pair of former champions headline UFC Fight Night: Munhoz vs Edgar — How to watch

  * UFC Fight Night: Munhoz vs Edgar will be streamed live on August 22, exclusively through the ESPN+ streaming service. * In the main event, former UFC Lightweight champion Frankie Edgar will make his debut in the bantamweight division in the 27th match of his UFC career. * With 13 career wins by knockout or submission, 5th ranked Pedro Munhoz is the former Resurrection Fighting Alliance bantamweight champion and one of the UFC division's most formidible fighters. * Prelims are set to start at 6 p.m. ET and the main card is scheduled to begin at 8:30 p.m. ET. * Every UFC Fight Night event is included with an ESPN+ subscription, which costs $6.99 per month or $49.99 per year. Product Card Module: Monthly Subscription Service Card size: small Former UFC lightweight champion Frankie Edgar will make his bantamweight debut against #5 ranked Pedro Munhoz in the main event of UFC Fight Night: Munhoz vs Edgar on August 22. Munhoz has dominated opponents in his 18 career wins...