Supervisor Elham AbolFateh
Editor in Chief Mohamed Wadie

Twitter's Catastrophic Breach Could Be Global Security Crisis


Thu 16 Jul 2020 | 11:32 AM
Yara Sameh

Several high-profile Twitter accounts were hacked on Wednesday, with scammers using the compromised profiles to solicit payments in Bitcoin.

The affected accounts, including those of Elon Musk, Joe Biden, Bill Gates, the Apple and Uber corporate accounts, former President Barack Obama, Kanye West, Warren Buffett, Jeff Bezos, and Mike Bloomberg, posted similar tweets.

“Everyone asked me to give back, now it’s time,” Gates’ tweet said, and promised to double all payments to the Bitcoin address within the next 30 minutes.

“We can confirm that this tweet was not sent by Bill Gates,” Gates’ spokesman told CNN Business. “This appears to be part of a larger problem that Twitter is facing. Twitter is aware and restoring the account.”

“We are aware of a security incident affecting the accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone soon,” Twitter's support account tweeted on Wednesday.

Twitter's support account added: "We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely."

The scale of the attack makes it probably one of the largest security incidents in Twitter’s history. A hack that took over the account of one of these leaders could have devastating consequences.

A breach like this is particularly alarming not just because of the financial scam it was used for, but because many world leaders use Twitter, and some, like President Donald Trump, use it to announce major policy decisions.

Twitter's massive hack could be a global security crisis

Twitter has suffered the most catastrophic security breach in the company's history. It must be said, however, that the events were set in motion years ago, when scammers began in early spring 2018 to impersonate noted cryptocurrency enthusiast Elon Musk.

They would use his profile picture, pick a username similar to his, and tweet a deal that worked despite being too good to be true: send him a little cryptocurrency and he would give you a lot back.

The scammers often replied to a related verified account — Musk-owned SpaceX, for example — lending the post additional legitimacy. They would also amplify the fake tweet via bot networks for the same purpose.

The 2018 events revealed three things. One, at least a few people fell for the scam each time, certainly enough to incentivize more attempts. Two, Twitter's reaction to the threat was sluggish, and the scams continued long after the company's initial statements that it took the matter seriously. Three, the demand from scammers, coupled with Twitter's initial efforts to fight back, set up a cat-and-mouse game that inspired bad actors to take more dramatic measures to wreak havoc.


Highlighting the risks

Big businesses' and individuals' Twitter accounts have been hacked in one of the most massive and confusing attacks the platform has ever seen, all in the service of spreading a bitcoin scam that appears to be earning its creator quite a bit of money.

It is not known how it happened, or even to what extent the platform's systems may have been compromised.

The hack appears to have subsided, but new scam tweets were being posted to verified accounts regularly, starting shortly after 4 PM ET and lasting more than two hours. Twitter acknowledged the situation after more than an hour of silence, writing on its support account at 5:45 PM ET, “We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.”


The scammers hit Musk first, followed by Obama, Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, the Apple and Uber corporate accounts, and pop star Kanye West.


Falling for the scam

People were duped into sending more than $118,000 to the scammers within the first hours of the attack. It also seems likely that the attackers reached a significant number of sensitive direct messages. Of even greater concern, though, is the speed and scale at which the attack unfolded, and the national security concerns it raises, which are profound.

The first and most obvious question is, of course, who did this and how? The perpetrator is not yet known.

Joseph Cox, a Vice security reporter, says that two sources close to or inside the underground hacking community provided Motherboard with screenshots of an internal panel, which they claim is used by Twitter employees to interact with user accounts.

One source said the Twitter panel was also used to change control of certain so-called OG accounts—accounts whose handle consists of only one or two characters—as well as to push the cryptocurrency scam tweets out from the high-profile accounts.

Twitter has been deleting screenshots of the panel and has suspended users who tweeted them, stating that the tweets violate its rules.

To speculate much further would be irresponsible, but Cox's reporting indicates that this is not a garden-variety hack, such as one in which many people reused their passwords or hackers used social engineering to convince AT&T to swap a SIM card.

In any case, Twitter’s response to the incident offered further cause for distress. The near-silencing of politicians, celebrities, and the national press corps led to much merriment on the service. But Twitter is one of the world’s most important communications systems, for better and for worse, and among its users are accounts linked to emergency medical services.