Twitter reveals the type of attack in the latest bitcoin fake giveaway scam that the hackers used to run it so let’s try and find out in the latest Bitcoin scam news.
Twitter reveals that the attack used to carry out the Bitcoin scam was actually a “phone spear phishing attack” targeting specific businesses and individuals by using phonecalls first, combined with the platform’s security flaws. Now more than ever, the security flaws of Twitter have come to light.
We’re sharing an update based on what we know today. We’ll provide a more detailed report on what occurred at a later date given the ongoing law enforcement investigation and after we’ve completed work to further safeguard our service. https://t.co/8mN4NYWZ3O
— Twitter Support (@TwitterSupport) July 31, 2020
A new update for the recent Twitter hack confirms that the employees were subject to a “phone spear phishing attack” which is a more sophisticated form of phishing in which malicious actors targeted specific businesses or individuals by using phone calls. During these calls, they could convince the victims to hand over passwords or other info that is used to access Twitter’s internal tools:
“The attack on July 15, 2020, targeted a small number of employees through a phone spear phishing attack. This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems.”
Twitter explained further that after seizing employee credentials, the hackers targeted other staffers and eventually cracked into the “God Mode” aka Twitter admin panel. Twitter had described it previously that the modus operandi of the hacking group was a “social engineering” one without giving further details. The platform assessed that more than 130 twitter accounts were compromised and the hackers managed to get into high-profile accounts such as the ones of Elon Musk, Barack Obama, Bill Gates, and Joe Biden. They managed to steal bitcoin but other data as well of seven individuals.
In the week after the attack, the scope of Twitter’s security failings came to light. Over the previous week, it was reported more than 1000 Twitter staff and the outside contracts which had access to the platform’s God Mode admin panel. Later it was revealed by Bloomberg that in 2018 and 2017, the contacts who helped to maintain the platform responded to help-desk inquiries and employed support tickets to snoop out Beyonce by tracking the singer’s geolocation data and other private info:
“We have no indication that the partners we work with on customer service and account management played a part here.”
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post