Twitter is investigating whether hackers bribed an employee to get access to celebrity accounts in catastrophic breach

0
24

                                Twitter is investigating whether hackers bribed an employee to get access to celebrity accounts in catastrophic breachTwitter CEO Jack Dorsey is seen above. Wednesday's massive hack of the social media site was perpetrated by a group of young pals with no state ties, according to a new report

Twitter CEO Jack Dorsey is seen above. Wednesday’s massive hack of the social media site was perpetrated by a group of young pals with no state ties, according to a new report

The group posted ads on the forum OGusers.com offering to sell 'OG accounts' for bitcoin

Twitter confirms 130 accounts were targeted in hack which went for some of the world’s most powerful including Barack Obama, Bill Gates and Elon Musk, as the FBI investigates

Twitter has confirmed that some 130 accounts were hacked during Wednesday night’s attack – the most serious breach of its security in history.

Joe Biden, Bill Gates, Barack Obama and Elon Musk were among those targeted, with the hackers posting messages on their accounts suggesting followers make ‘donations’ via Bitcoin.

Millions of followers were told that, that in the spirit of generosity, they would double anyone’s Bitcoin ‘for the next 30 minutes’.

Some were duped, sending Bitcoin payments and expecting a double return that never arrived.

It is thought that the attack – the work of young hijackers with no links to state or organised crime – is one of the biggest hacks in history.

Though ‘Kirk’ originally claimed to work for Twitter, ‘lol’ came to doubt the claim after seeing the damage he was willing to inflict on the company.

One hacker, PlugWalkJoe, told The Times that he had heard rumours that ‘Kirk’ gained access to an internal Twitter Slack channel where he saw user credentials. A Twitter spokesman declined to comment, citing the active investigation.

A separate investigation by researcher Brian Krebs and cybersecurity firm Unit 211B claims that PlugWalkJoe, who was sold OG accounts by the group and posted photos of Twitter’s internal tools on the site with his accounts shortly before the attack, was also a young Brit.

According to sources, PlugWalkJoe is known for SIM swapping attacks and is also linked with ChucklingSquad, the group allegedly behind the 2019 hacking of Twitter’s chief Mr Dorsey.

Millions of followers were told that, that in the spirit of generosity, they would double anyone’s Bitcoin ‘for the next 30 minutes’. Some were duped, sending Bitcoin payments and expecting a double return that never arrived.

Cybersecurity experts were stunned by the startling revelation that Wednesday’s breach, unprecedented in scale for the social media site, had been executed by a group of young hackers, not a sophisticated state actor.

The fraudulent posts, which were deleted, said people had 30 minutes to send $1,000 in bitcoin, promising they would receive twice as much in return.

More than $100,000 worth of bitcoin was sent to email addresses mentioned in the tweets, according to Blockchain.com, which monitors crypto transactions.

The attack affected high-profile accounts including former president Barack Obama

The attack affected high-profile accounts including former president Barack Obama

'ever so anxious' was able to gain control of the Twitter account he had long coveted, @anxious, which now displays his contact info in the bio, according to the Times

‘ever so anxious’ was able to gain control of the Twitter account he had long coveted, @anxious, which now displays his contact info in the bio, according to the Times

Experts warn hackers could swing elections, stock market and potentially start a WAR after Barack Obama, Joe Biden and Elon Musk accounts were hijacked in ‘biggest ever’ security breach

The Twitter security breach that allowed hackers to hijack the accounts of billionaires, politicians, celebrities and companies has sparked fears they could have wreaked havoc on the stock market, meddled in elections or even potentially started a war.

Barack Obama, Joe Biden, Jeff Bezos and Elon Musk were among the victims of the four-hour attack on Wednesday that saw hackers infiltrate Twitter’s internal systems and post bogus tweets from the high profile accounts asking people to send Bitcoin.

Publicly available blockchain records show that the scammers received more than $116,000 worth of cryptocurrency, which equates to 12.8 bitcoin, from over 300 people over the four-hour stretch.

Twitter described the hack as ‘social engineering’, which occurs when a hacker tricks someone into providing their login credentials.

While the hack is thought to be one of the largest in history, experts have warned that Twitter was ‘extremely lucky’ the hackers appeared to only be after money and that it ‘could have been much worse’.

‘Based on what we know right now, we believe approximately 130 accounts were targeted by the attackers in some way as part of the incident,’ Twitter said in a tweet.

‘For a small subset of these accounts, the attackers were able to gain control of the accounts and then send Tweets from those accounts.’

Posts trying to dupe people into sending hackers the virtual currency bitcoin were tweeted by the official accounts of Apple, Uber, Kanye West, Gates, Obama and many others on Wednesday.

Twitter said it appeared to be a ‘coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.’

The young hackers maintained they stopped serving as middlemen for ‘Kirk’ when high-profile accounts became targets.

Some hackers are ‘obsessed’ with hijacking ‘Original Gangster’ social media accounts staked out in the services’ early days that have short profile names, according to Brian Krebs of Krebs on Security.

‘Possession of these OG accounts confers a measure of status and perceived influence and wealth in SIM swapping circles, as such accounts can often fetch thousands of dollars when resold in the underground,’ Krebs said in a post.

‘An incident such as this could have extraordinary serious consequences – manipulation of the markets, disinformation relating to an election, etc,’ Brett Callow, a threat analyst at cybersecurity firm Emsisoft, told DailyMail.com.

‘However, in this case, reporting suggests that the hack was carried out by a group of young people who may have done nothing worse than execute a bitcoin scam. Twitter got lucky.’

LEAVE A REPLY