Twitter reveals how hackers took over accounts of Barack Obama, Jeff Bezos, Bill Gates, and Kanye West

A series of spear phishing attacks got the individuals access to internal Twitter tools

Adam Smith
Friday 31 July 2020 07:16 EDT
Comments
Twitter's average daily user growth spiked 34% in the second quarter of 2020
Twitter's average daily user growth spiked 34% in the second quarter of 2020 (AP)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Twitter has shared an update about the huge hack on its platform, where many high-profile users had their accounts taken over.

In mid-July, the accounts of Elon Musk, Bill Gates, Joe Biden, Barack Obama, Kanye West, and many others were taken over to promote a cryptocurrency scam.

Twitter said that the entire system was targeted, rather than any specific account.

Now, it has confirmed that a “phone spear phishing attack” to target a small number of employees.

Spear phishing is when malicious individuals deceive victims into thinking they are someone they’re not, in order to gain personal information – in this case account management tools.

The attackers used the credentials of some Twitter employees to access internal systems and gain information about its “processes”, which then gave them the ability to target more employees who did have access to account support tools.

“The attackers targeted 130 Twitter accounts, ultimately Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7”, Twitter said.

“We will provide a more detailed technical report on what occurred at a later date given the ongoing law enforcement investigation and after we’ve completed work to further safeguard our service.”

This report suggests a different narrative to one Motherboard reported at the time of the hack, which suggested that an individual paid a Twitter employee for access.

Motherboard apparently spoke to the hackers responsible on the condition of anonymity. Twitter refused to comment in response to questions on that aspect of the hack.

The aim of the hackers seemed to be simply financial, encouraging users to donate towards a bitcoin address.

Reports also suggested there was a series of hidden messages in the transactions.

The message stated: “Just Read All/Transaction Outputs As Text/You Take Risk When Use Bitcoin/For Your Twitter Game/Bitcoin is Traceable/Why Not Monero”.

Monero is a cryptocurrency with more privacy features than Bitcoin, and so it could be the hackers were hoping to direct more people towards the currency.

While the Twitter hack is arguably the worst in its history, it could have had even greater repercussions.

Control over Joe Biden, and Barack Obama’s accounts could have seriously disrupted narratives about the legitimacy of the November 2020 presidential election, something president Trump is already attempting.

Similarly, control of Bill Gates, Jeff Bezos, and Apple’s account could have sent ripples through the technology industry – especially before the technology CEOs were set to be interviewed by congress.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in