What happened?
Twitter accounts of many famous individuals, companies and several crypto exchanges have been
The origins of the fraud can be traced back to a mysterious tweet posted on Musk's account at 4:17 pm ET.
I feel generous about COVID-19. I will double any BTC payment sent to my BTC address within the next hour. Good luck and stay safe!
Fake tweet from Elon Musk's account
The tweet was then deleted and replaced with another one that more clearly outlined the fake advertisement.
I'm grateful for doubling all payments sent to my BTC address! You send $1,000, I return $2,000! Do this only for the next 30 minutes.
Fake tweet from Elon Musk's account
The tweet sent to Gates' account echoes Musk's tweets, with an identical BTC address attached. It was also removed shortly after publication.
Accounts hacked included President Barack Obama, Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, Apple and Uber corporate accounts, and Kanye West.
Shortly after the first wave of tweets from accountsBill Gates and Elon Musk, Apple, Uber, former President Barack Obama, Amazon CEO Jeff Bezos, Democratic presidential candidate Joe Biden, hip-hop tycoon Kanye West and former New York mayor and billionaire Mike Bloomberg, among others, also were compromised and started spreading fraudulent tweets.
But they were hacked later. The first known personal account that has been compromised is Elon Musk's blog.
In the first hours after the attack, the deceived people andsent the hackers over $ 118,000. It can also be assumed that the attackers could have gained access to a large number of confidential direct messages. However, the speed and scale of the attack are of even greater concern. The United States is also concerned about issues related to national security amid the widespread attack.
Account takeovers seem to have stopped, but new fraudulent tweets were regularly sent to verified accounts. The hacker attack lasted over two hours, starting at 4 pm ET.
How did it all start?
Chaos began when the general's accountTesla CEO Elon Musk was apparently compromised by hackers with the intention of using him to launch fraudulent Bitcoin transactions. The account of Microsoft co-founder Bill Gates also appears to have been exposed to the same scammer who posted a similar message with an identical bitcoin wallet address. Both accounts continued to post new tweets promoting the scam. Musk's account was still under the control of the hacker, even at 5:56 pm ET.
How did Twitter respond?
After an unprecedented account hackTwitter has confirmed that it has taken the plunge by blocking new tweets from every verified user, compromised or not, and blocking all compromised accounts.
The platform says it will not restore owners' access to affected accounts until the company is confident they can do so “safely”.
We have suspended accounts that have been compromised and will only restore access to the original owner when we are confident we can do so securely.
Twitter Support (@TwitterSupport) July 16, 2020
The service reacted to the situation after more thanhours of silence, posting to your support account at 5:45 pm ET that a "security incident" was reported that affected the accounts. The case is being investigated and the company is taking steps to fix it, Twitter said.
Late in the evening, Twitter CEO Jack Dorsey made an address to social media users.
A tough day for us on Twitter. We all feel terrible. We will diagnose the problem and share all the details once we have a better understanding of what exactly happened.
Twitter CEO Jack Dorsey
Twitter Product Manager Keywon Beikpuralso made a public statement stating that the investigation into the incident is still ongoing, but the company will be sending updates on the situation through the @TwitterSupport account - in more detail and soon. Beikpur also apologized for the "disappointment" caused by this incident for users.
The company disclosed that its own internalemployee tools were hacked and used during the hack. This may explain why even accounts that claim to have two-factor authentication are still trying to trick followers with bitcoin scams.
Bulk blocking after hacker attack
The company has taken an unprecedented step toprevent tweets from verified accounts from spreading starting around 6pm ET. This would seem to be the first time Twitter has done this in the company's history. The company updated its stance on limiting tweets at 7:18 p.m. ET, saying it would continue to limit the ability to post, reset passwords and some other account features while the hack was investigated.
As of 8:32 pm ET, the ban has been lifted.
IN 20:41 ET Twitter said that "most" verified accounts should be able to post tweets. As we developers work to fix the situation, functionality can come and go, the company explained.
Although Twitter hasn't confirmed how it worksselective lock, it seems to only apply to accounts that have been verified. Unverified accounts could still tweet normally, while verified accounts could only retweet existing messages.
At 18:On 18 ET, it was reported that some users might not be able to post, and it was noted that password reset may be disabled while the service is working to correct the situation. An hour later, the company said it continues to restrict tweets, password resets, and "and some other account features." Some Verge employees automatically logged out of their accounts after Twitter started restricting posts.
How did the hack happen? All the details of the hacker attack
The operation appears to have affected many majorcompanies and extremely famous people. This suggests that hackers have discovered a serious loophole in Twitter's login or account recovery process or in third-party applications. Another possibility is that the attacker somehow gained access to the administrative privileges of a Twitter employee.
Now numerous underground hacker groupsshare screenshots of Twitter's internal admin tool, which was allegedly used to hijack verified accounts. Twitter is currently removing the screenshot from its platform and in some cases pauses users who continue to share it.
In updating his hacking investigationMotherboard says it spoke to hackers who say they paid a Twitter employee to change the email addresses of popular accounts using an internal tool so they can then monitor them.
Motherboard also shared some screenshots of the internal tool, presumably at the center of the hack.
OK, we talked to another hacker. Were able to confirm how they got accounts: Twitter employee used internal tool to change email addresses associated with accounts. Twitter seems to have just confirmed this in tweets as wellhttps: //t.co/2emeiH7gs1
- Jason Koebler (@jason_koebler) July 16, 2020
Twitter confirmed that the hack used employee tools.
Musk has long been a target forbitcoin scammers, many of whom create fake accounts designed to look like an entrepreneur and respond to his tweets. The social network even began blocking some accounts that change their name to "Elon Musk", and in the spring of 2018, the company identified cryptocurrency scammers as a source of known manipulation and deception, which it intended to root out through bans and other moderation strategies.
How much did the hackers make?
Some people apparently fell for the scamand sent the money to the corresponding BTC address since transaction records are public due to the blockchain-based nature of the cryptocurrency. So far, the scammers have amassed nearly $120,000. However, the account owner still has money sent elsewhere as the daily ending balance fluctuated up and down throughout the day.
It’s an actual wallet address and there aretransactions happening. It’s unclear if these transactions are legit. Scammers often seed their own scams to give them the appearance of authenticity. https://t.co/GUHEDaKNxu pic.twitter.com/xfhl3817xr
Ryan Mac? (@RMac18) July 15, 2020
FBI reaction
The Federal Bureau of Investigation is aware of the incident of hacking the Twitter accounts of entrepreneurs Elon Musk, Bill Gates, Joseph Bezos and others in order to steal users' money.
The FBI San Francisco office said,that, apparently, the accounts were hacked to carry out cryptocurrency fraud. The Bureau recommends that the public not be fooled by this fraud.
findings
Twitter is likely to host the next fewdays investigating how this incident happened. It seems likely a criminal investigation in which the company may not be able to fully describe the events of the environment. But it’s very important that Twitter talk about what happened and what it’s going to do as soon as possible so that it never happens again.
After the Wednesday catastrophe, it is hardly hyperbole to suggest that our world might be in the balance.
Read also
Look at the huge “wall” of hundreds of thousands of galaxies behind the Milky Way
Comet NEOWISE is visible in Russia. Where to see her, where to look and how to take a photo
It turned out that made the Mayan civilization leave their cities