Probe Reveals That Twitter Hack Was A Spear Phishing Attack

Probe Reveals That Twitter Hack Was A Spear Phishing Attack

SUMMARY

Hackers attacked Twitter employees to gain access to its internal support tools

Besides Barack Obama and Elon Musk, the security of nearly 130 Twitter accounts was compromised

Even India’s CRET-In had issued a notice to Twitter seeking clarification and details about the hack

Earlier this month, Twitter accounts of high-profile celebrities, businessmen and politicians hacked to peddle a cryptocurrency scam. The investigation has now revealed that Twitter found that the massive hack was the result of a spear-phishing attack. It added that the hack “significantly limited” access to its internal tools.

The microblogging platform explained that hackers had access to one of the employees’ credentials and used it to target others as well to gain access to its internal support tools. Twitter also highlighted that not all its employees who were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes.

“This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems. This was a striking reminder of how important each person on our team is in protecting our service,” Twitter said in a blog post.

Spear phishing is an email or electronic communications scam targeted towards a specific individual, organisation or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user’s computer.

Twitter noted that the phishing attack took place on July 12, 2020. Once the hackers gained entry, they targeted 130 Twitter accounts. Of which it tweeted from 45, accessed DM inbox of 36 and downloaded the data of eight users. The social media platform has noted that none of the eight profiles were verified.

Some prominent names that were impacted were former US president Barack Obama, US president candidate Joe R Bide, rapper Kanye West, Microsoft founder Bill Gates and Tesla’s Elon Musk. Institutional handles like Apple were also hacked.

After the breach, India’s nodal agency for cybersecurity, the Indian Computer Emergency Response Team (CERT-In) has issued a notice to Twitter, instructing the social media platform to provide details of the recent global hack.

According to media reports citing sources, the agency sought complete information on the number of Indian users affected, the impact on data and remedial measures taken by the company to prevent such attacks in the future. CERT-In also wanted an update on the information of vulnerability exploited by attackers and modus operandi of the attack.

In its latest blog, Twitter has highlighted that it has ‘significantly limited access to their internal tools and systems. But for the time being, its response time to support needs and reports will be slower until the company can safely resume its operations.

The Twitter team is also constantly updating and improving to make the tools, controls and processes more sophisticated. Overall, the microblogging site is accelerating several of their pre-existing security work streams and improving methods for detecting and preventing inappropriate access to its internal systems.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Probe Reveals That Twitter Hack Was A Spear Phishing Attack-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Probe Reveals That Twitter Hack Was A Spear Phishing Attack-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Probe Reveals That Twitter Hack Was A Spear Phishing Attack-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Probe Reveals That Twitter Hack Was A Spear Phishing Attack-Inc42 Media
Probe Reveals That Twitter Hack Was A Spear Phishing Attack-Inc42 Media
You’re in Good company