Twitter said attackers targeted Twitter workers via social engineering program
New Delhi:
Twitter today released information about the massive hack of high-level user accounts from Elon Musk to Joe Biden on July 15. The attack, which Twitter and the federal police are investigating, began with a playful message between hackers on the Discord platform, a popular chat service for gamers, the New York Times reported Friday.
“While the investigation into this incident is taking place, there are certain details – particularly regarding corrective measures – that we are not providing at this time to protect the safety of the effort. We will provide more details, if possible in the future, so that the community and our peers can learn and benefit from what happened, “posted Twitter this morning on its official blog.
“Right now, we think the attackers have targeted some Twitter employees through a social engineering program. What does that mean? In this context, social engineering is manipulation intentional people to perform certain actions and disclose confidential information, “said microblogging site managed by Dit Jack Dorsey.
“The attackers managed to manipulate a small number of employees and use their identifiers to gain access to internal Twitter systems, including bypassing our two-factor protections. For now, we know they have accessed tools available only to our internal support teams to target 130 Twitter accounts, “said Twitter.
“For 45 of these accounts, the attackers were able to initiate a password reset, log in to the account, and send Tweets. We are continuing our forensic review of all accounts to confirm any actions that may have been taken. Also, we think they may have been trying to sell some of the usernames, “he said.
“For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading account information via our” Your Twitter data “tool. This is a tool intended to provide the account owner with a summary of their Twitter account details and activity. We contact any account owner directly where we know this to be true, “said Twitter.
“We learned about the attackers’ action on Wednesday, and we acted quickly to lock down and regain control of the compromised accounts. Our incident response team secured and revoked access to internal systems to prevent attackers gain more access to our systems or individual accounts. As mentioned above, we are deliberately limiting the details we share on our remediation steps at this time to protect their effectiveness and will provide more technical details, if possible, in the future, “said Twitter.
Posts trying to trick people into sending virtual currency bitcoin to hackers were tweeted by official accounts from Apple, Uber, Kanye West, Bill Gates, Barack Obama, and many others on Wednesday.
With AFP entries
