Twitter has released more details on how dozens of high-profile accounts were accessed and used to promote cryptocurrency fraud this week.
Twitter had previously announced that around 130 accounts were involved in the hack, including those of prominent political figures such as Barack Obama and Joe Biden, cryptocurrency enthusiast Elon Musk, and other celebrities such as Kanye West.
The company announced that the attack was made possible by a "social engineering program" in which cybercriminals targeted Twitter employees, "deliberately manipulating people to take certain actions and disclose confidential information."
Twitter described the scheme in more detail, saying that the attackers had managed to manipulate employees into handing over or otherwise exposing their credentials. The attackers then used these credentials to gain access to Twitter's internal systems, bypass two-factor authentication protections, and use an internal administration tool to reset account passwords.
Of the 130 targeted accounts, the attackers were able to reset the passwords of, and log in to, 45 accounts. From those accounts they sent the cryptocurrency scam tweets. Many fear, however, that the attackers could have done more damage, since they had full access to these accounts. A particular concern was whether the attackers could access private content such as direct messages.
This fear appears to be justified for at least some of the targets. Twitter announced: "For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account's information through our 'Your Twitter Data' tool. This is a tool that an account holder uses to download a summary of their Twitter account details and activity."
The Your Twitter Data tool produces a complete record of account activity, which The Verge reports includes an archive of direct messages. This export can even contain deleted direct messages, which is an additional concern. The worry is that these private messages could be used for extortion or leaked maliciously.
Twitter has confirmed that none of the eight accounts whose data was downloaded was a verified account, and that it has contacted all eight account holders to inform them. The company has said that it will not disclose the identities of these accounts.
Twitter is still investigating what happened and how it can improve the security of its systems. The company acknowledges the enormous loss of public confidence in its service and says: "We are embarrassed, we are disappointed, and most of all we are sorry. We know we have to work to regain your trust, and we will support every effort to bring the perpetrators to justice."