LATEST TWITTER HACK ‘EXTREMELY DANGEROUS’
‘One of the most significant’ hacks of last decade, expert says
Twitter, not the accounts of multiple high-profile members, most likely was hacked in an apparent Bitcoin scam that threatens to damage the platform’s credibility, experts said.
“When you see dozens of accounts compromised, it’s almost for certain the breach was of Twitter’s internal software,” said Andy Yen, CEO of ProtonMail, an encrypted email service. “Whoever did this either tricked, bribed or blackmailed someone at Twitter to get access to that software.”
Yen called Wednesday’s breach “one of the most significant attacks of the last decade,” noting that although it appears to have been financially motivated, if whoever is responsible had been able to gain access to President Trump’s Twitter account, “it could have started a war.”
“It’s extremely dangerous,” he said. “Twitter is used by Trump as a foreign policy tool. We cannot understate the significance of that.”
The ruse included bogus tweets from former President Barack Obama; Democratic presidential frontrunner Joe Biden; Mike Bloomberg; celebrities Kanye and Kim Kardashian West; and several tech billionaires, including Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk. The fake tweets offered to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.
The Bitcoin account appears to have been created on Wednesday. By the end of the day, it had received almost 12.9 bitcoins, an amount currently valued at slightly more than $114,000. At some point during the day, roughly half that sum in bitcoin was withdrawn from the account.
Among the political figures targeted, the hack mostly appeared to target Democrats or other figures on the left, drawing comparisons to the 2016 campaign.
The attack might also be a simple demonstration of Twitter’s weak security controls as the U.S. heads into the 2020 presidential election, a contest in which the service is likely to play an influential role.
In a series of tweets, Twitter said it believes the incident was a “coordinated social engineering attack” that targeted some of its employees with access to internal systems and tools. They were then used to take control many high-profile and verified accounts and tweet from them.
“It just underscores the notion that employees are your weakest link,” said Anthony Townsend, associate professor of management information systems at Iowa State University. “You have people who have keys to the kingdom, yet an an awful lot of companies don’t vet them. It’s intrusive, but they should be continually vetted.”
The company said it immediately locked down the affected accounts and removed the tweets posted by the attackers. It also temporarily blocked verified users from tweeting while the company investigated the issue.
“Twitter needs to restore confidence in its brand by being transparent,” Yen said. “They should be able to reconstruct what happened. If they can’t do that, that’s a major security failure, and that would undermine the credibility of the company.”
Herald wire services contributed to this story.