Twitter has issued a clarification after the accounts of Microsoft co-founder Bill Gates, Tesla CEO Elon Musk, former US President Barack Obama and other high-profile users were hacked. Twitter said that its internal systems were compromised and that the hack would not have been possible without access to Twitter's own tools and employee privileges.
However, Twitter has not explained much about the hack, such as which tools the attackers accessed or how exactly the attack was carried out. Motherboard reported earlier today that screenshots of an internal Twitter user-administration tool were circulating in underground hacking circles; the tool was allegedly used to carry out the account takeovers, potentially by resetting account details and then recovering the passwords.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools. We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” explained Twitter.
Our investigation is still ongoing but here’s what we know so far:
— Twitter Support (@TwitterSupport) July 16, 2020
So what is a social engineering attack? It is an attack on people rather than on systems: the attacker talks a legitimate user into granting access that no exploit would otherwise give them. In its simplest form, an unknown caller pretending to be your boss asks for access to a tool you use, citing some ‘managerial’ emergency; the standard defence is to verify such a request through a known, independent channel before acting on it. In this case, however, Twitter has not revealed how the social engineering took place.
One thing the statement does make clear is that the hack was not the work of a single individual but of a group. Of the restrictions it imposed while responding, Twitter said, “This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do.”
In a series of tweets, the company further clarified, “We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely. Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues. We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this.”