Twitter: Attack was carried out via targeted telephone phishing
Twitter says the hack of its internal systems was carried out through targeted telephone phishing of employees. In this way the attackers obtained the login credentials of specific employees, which they then used to penetrate internal systems.
According to Twitter, the attackers targeted a small number of employees with telephone spear phishing. “In order to post with known accounts, the attackers had to gain access to Twitter’s internal network as well as login details for specific employees,” the service writes.
Not all of the targeted employees had access to the management tools that were eventually used to take over accounts. However, the attackers were able to penetrate the internal systems with the login details of those employees and ‘gather information about processes’. With that knowledge, the hackers could attack other employees who had access to the support tools.
According to Twitter, the attackers made concerted efforts to mislead employees and to take advantage of “human vulnerabilities.” Twitter does not provide technical details, but the service says a technical report will follow later, once the law enforcement investigation and its own internal investigation have been completed. Twitter is being assisted by the FBI, among others.
The social network reiterates that the hackers targeted 130 Twitter accounts after gaining access to the company’s tools. From 45 of those accounts they managed to send out tweets containing bitcoin scams. The private messages of 36 accounts were viewed, and the full Twitter data of 7 unverified accounts was downloaded via the service’s built-in function for that purpose.
Various publications have reconstructed how the hack could have taken place, based on information from insiders. The New York Times published an article about the young people said to be behind the attack; they are reported to come from a scene centred on trading Twitter accounts with short handles. Security researcher Brian Krebs also published a substantive explanation, as did the owner of @6, one of the compromised accounts.