The social networking site Twitter has released a statement regarding yesterday's attack on many popular accounts. The bitcoin scammers used Twitter's internal tools to carry out the hack.
Twitter tech support said that a "coordinated attack using social engineering" was carried out to gain access to the accounts. The attackers were able to hack into the computers of some of the company's employees who had access to internal tools.
"We discovered a coordinated social engineering attack on our employees who had access to internal systems and tools. The cybercriminals used this access to gain control over many popular, including verified, accounts, and published their own records," technical support writes.
After detecting the attack, Twitter immediately blocked the compromised accounts and deleted the malicious messages. In addition, the capabilities of a large group of accounts, including verified ones, were limited. The company stressed that after the attack, steps were taken to restrict access to internal systems and tools.
"Users of blocked accounts will be able to access them only after we are confident that the process is safe," the company said.
According to TechCrunch, a hacker known as "Kirk" is behind the hack. Using an internal Twitter tool, he accessed celebrity accounts, changed their email addresses, and published fraudulent posts. At first he simply sold access to popular accounts, and only later launched a full-scale attack.
Recall that on the evening of July 15, the Twitter accounts of a number of cryptocurrency exchanges and users popular in the industry were hacked. A little later, fraudulent messages appeared on other popular accounts, including those of Elon Musk, Bill Gates, Apple, and others. At the time of publication, the attackers had been able to collect 12.8 BTC ($118,000).