On the 15th of July, 2020, attackers broke into some of the most prominent accounts on the San Francisco-based social networking platform Twitter. They got in despite Twitter's phishing attack prevention measures and used their access to Twitter's internal systems to hijack celebrity Twitter accounts. The attack took the internet by storm because so many well-known figures became its victims. Although Twitter follows phishing prevention best practices, it is unclear whether it can contain the long-term effects of this historic breach. It is high time organizations adopted innovative anti-phishing solutions.
So, What Exactly Happened?
A notification from Twitter's support handle @TwitterSupport surprised users on Wednesday, 15th of July, when it announced that accounts of prominent figures, including Bill Gates and Elon Musk, had been compromised in a cyber attack.
After its initial investigation, Twitter revealed that this was a coordinated social engineering attack. The attackers first compromised a few Twitter employee accounts to gain access to internal systems and tools, which in turn gave them the ability to act on any Twitter account.
Who Were The Victims Of This Attack?
This social engineering attack was one of a kind in Twitter's history. It compromised the accounts of world-famous figures such as Barack Obama, Joe Biden, Mike Bloomberg, Jeff Bezos, Bill Gates, Elon Musk, Kanye West, Kim Kardashian West and Warren Buffett. The verified accounts of Apple, Uber, the National Weather Service and several cryptocurrency and Bitcoin companies were also hijacked.
The attackers deliberately targeted verified accounts so that their seemingly credible tweets would reach the largest possible audience. Because people rarely keep phishing prevention tips in mind when opening links from social media platforms, the attackers were able to con the Twitter followers of these influential figures.
What Were The Fake Tweets Like?
Here is what the fake tweets soliciting bitcoin from users looked like:
- Elon Musk's tweet: 'Feeling grateful, doubling all payments sent to my BTC address! You send $1000, I send back $2000! Only doing this for the next 30 minutes. bc1qxy2kgdygjr************93p83kkfjhx0wl**'
- Kanye West's tweet: 'I am giving back to my fans. All bitcoin sent to my address below will be sent back doubled. I am only doing a maximum of $10,000,00. bc1qxy2kgdygjrsq**********83kkfjhx0w**. Only going on for 30 minutes!'
- All the other tweets followed the same pattern, with Jeff Bezos's account tweeting, 'I have decided to give back to my community', and Bill Gates's account tweeting, 'Everyone is asking me to give back, and now is the time.'
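The tweets quoted above share a recognisable shape: a Bitcoin address, a promise to send back double, a dollar figure and a short time window. The following is an added example (not part of the original article or of Twitter's tooling) of a rule-based detector a trust-and-safety or SOC team could run over posts from high-reach accounts; the rules are hypothetical heuristics written from those tweets, and the sample tweets and wallet address are constructed placeholders, not real ones.

```python
import re
from dataclasses import dataclass

# Hypothetical heuristic rules derived from the wording of the quoted fake tweets:
# a Bitcoin address, a "send X, get 2X back" promise, a short time window, and a dollar amount.
RULES = {
    # bech32 (bc1...) or legacy (1.../3...) Bitcoin address shape; no checksum validation
    "btc_address": re.compile(r"\b(?:bc1[ac-hj-np-z02-9]{25,62}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b"),
    "doubling_promise": re.compile(r"\b(?:doubl\w*|sen[dt] back|giv(?:e|ing) back)\b", re.IGNORECASE),
    "time_pressure": re.compile(r"\b(?:only|next)\b[^.!]*?\b\d+\s*minutes?\b", re.IGNORECASE),
    "dollar_amount": re.compile(r"\$\d[\d,]*"),
}


@dataclass(frozen=True)
class Verdict:
    score: int
    signals: tuple
    suspicious: bool


def score_tweet(text: str, threshold: int = 3) -> Verdict:
    """Return which scam signals fire in `text` and whether they reach `threshold`."""
    signals = tuple(name for name, rx in RULES.items() if rx.search(text))
    return Verdict(len(signals), signals, len(signals) >= threshold)


# Constructed sample tweets modelled on the quoted ones; the address is a placeholder
# of valid bech32 shape (38 'z' characters), not a real wallet.
PLACEHOLDER_ADDR = "bc1q" + "z" * 38
SAMPLE_TWEETS = {
    "musk_like": f"Feeling grateful, doubling all payments sent to my BTC address! You send $1000, "
                 f"I send back $2000! Only doing this for the next 30 minutes. {PLACEHOLDER_ADDR}",
    "west_like": f"I am giving back to my fans. All bitcoin sent to my address below will be sent back "
                 f"doubled. I am only doing a maximum of $10,000,00. {PLACEHOLDER_ADDR}. Only going on for 30 minutes!",
    "benign_news": "Bitcoin is up 5% today, interesting times for crypto.",
    "benign_donation": f"Donations for the food bank are open, address: {PLACEHOLDER_ADDR} thank you all.",
}


def triage(tweets=SAMPLE_TWEETS, threshold: int = 3) -> dict:
    """Score every tweet; the result can feed an alert queue keyed by tweet id or handle."""
    return {tid: score_tweet(text, threshold) for tid, text in tweets.items()}


if __name__ == "__main__":
    for tid, v in triage().items():
        print(f"{tid:16} score={v.score} suspicious={v.suspicious} signals={v.signals}")
```

A lone address (the donation tweet) stays below the threshold; it is the combination of address, doubling promise and urgency that flags a post.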
What Was The Impact?
Naturally, such tweets from people one idolizes tempt a person to try their luck and do whatever is being asked. The fake tweets convinced over 363 Twitter users that the celebrities, who had all suddenly discovered their duty towards their fans, would really double the amount they sent. The notable impacts of the attack on Twitter accounts were the following:
- The attackers infiltrated over 130 Twitter accounts through this massive breach.
- Through the Bitcoin-collecting domain the attackers included in all the fake tweets, they collectively stole $118,000 of people's hard-earned money.
- The attack has raised several questions about the effectiveness of Twitter's anti-phishing solutions. ImmuniWeb CEO Kolochenko highlighted the far more extreme steps the attackers could have taken with the compromised accounts, such as declaring nuclear or military war between nations or defaming rival companies to bring down their stock prices.
- Another Twitter user, posting under the username '1uc45MH', expressed fear about the level of access Twitter employees have over every user's account, which nullifies any prospect of privacy a user might have.
- Twitter's stock price fell from $35.60 to $34.70 within just 15 minutes, owing to the credibility-shattering social engineering attack on the accounts of stars that millions of people look up to.
What Is Twitter Doing Presently?
Twitter deems this incident very unfortunate and claims to be doing everything in its capacity to contain and handle the attack. To ensure protection against phishing, Twitter has taken the following steps so far:
- CEO Jack Dorsey has assured users in a tweet that Twitter is investigating the attack and working relentlessly to get to the root of it.
- Twitter is also employing anti-phishing services to identify other areas of its operations that may have been breached in the attack.
- To prevent further abuse, Twitter has completely locked down the verified accounts that were compromised. These accounts will remain restricted until the company completes its investigation.
- To stop more Twitter users from falling prey to the Bitcoin scam, Twitter removed the attacker-posted tweets from the affected verified accounts on their owners' behalf.
- As a further phishing prevention measure, Twitter also temporarily restricted services for verified accounts that were not targeted in the attack, in order to contain the threat.
- Twitter is taking additional anti-phishing measures to restrict its employees' access to internal systems and tools, so that adversaries cannot trick employees with social engineering schemes in future.
The recent attack on Twitter has rekindled the fear of social engineering attacks among people and exposed millions of its users to risks of phishing, ransomware, identity theft and other attacks for the foreseeable future. People should be wise on the web, be rational consumers of the internet and adopt adequate measures for protection from phishing attacks, so as to keep malicious attackers away in the first place.