“Social engineering attack” on dashboards of employee management

Hackers responsible for what may be the biggest attack on Twitter They were successful because the employees had a high level of access to information and control on the platform.

In a series of Tweets from Twitter support On July 15, the social media help center confirmed that hackers responsible for the massive violation of prominent character accounts had one “coordinated social engineering attack” to get “Access to internal systems and tools”.

“We know that they used this access to take control of many highly visible accounts (including verified ones) and to tweet on their behalf.” said Twitter support. “”We investigate what other malicious activities they have carried out or what information they may have accessed and we will share more than we have now. “

“Social engineering attack” on dashboards of employee management
“Social engineering attack” on dashboards of employee management

The report specified that the platform had taken “Important measures to restrict access to internal systems and instruments” when the violation was investigated.

Access to fake Bitcoin gifts

Hackers have managed to publish tweets with the accounts of leading figures like Barack Obama and Joe Biden to promote a fake Bitcoin gift (BTC) It has cheated over 300 users for a total of $ 118,000.

The boards of directors of the affected fraud employees have important access to a variety of tools control affected accounts, including Post messages in your name and change the phone number and email address for confirmation.

Twitter users sniko_ Publicity Screenshots that indicate this Hackers may have changed their email address to check Coinbase and Gemini accountsbecause they were the same after the attack.

Screenshots for resetting the Coinbase and Gemini password

Screenshots for resetting the Coinbase and Gemini password

Motherboard de Vice reported that Twitter took photos of admin panels that users posted on the grounds that they violated the rules. Images showing access to various Twitter accounts reveal details of internal management, including The number of attacks registered against each accountcwhen the account was last accessedWhatWhich phone numbers were associated with it and which email addresses were used for verification.

Screenshot of the Twitter employee panel's internal access to the Binance account

Screenshot of Twitter employees accessing the Binance account. Source: motherboard

Reactions from Twitter users

“It sounds bad that a Twitter developer can just log into my account and tweet everything, read my private stuff, and do anything.” said Twitter users 1uc45MH. “If any of them are scared, they can tweet everything for everyone’s account.”

The stock market reacted similarly, although it was closed for trading shortly after the hack was discovered. Twitter’s TWTR shares fell from $ 35.60 to $ 34.70, a 2.5% drop in just 15 minutes. At the moment, the price of the platform’s shares is $ 34.52.

Similar Posts