An investigation by the New York State Department of Financial Services has revealed how the huge Twitter hack in July occurred. A total of 130 well-known celebrity accounts were compromised, and many were used to tweet about a Bitcoin giveaway scam.
How Twitter was hacked
The New York State Department of Financial Services (NYDFS) released its Twitter investigation report last week. It explains how the massive Twitter hack of July 15 took place, in which many well-known accounts were accessed and used to post tweets about the Bitcoin giveaway scam.
NYDFS notes that Twitter is a technology company listed on the New York Stock Exchange with a market capitalization of US$40 billion, more than 330 million total monthly active users, and more than 186 million daily active users, including more than 36 million in the United States (20%).
The hacking began on July 14, when one or more hackers called several Twitter employees, claiming to be calling from the IT department’s service desk about problems with Twitter’s VPN, which many employees had been reporting. The report details: “Employees often encounter problems with VPN connections to the Internet.”
When Twitter moved to remote work in March because of the Covid-19 outbreak, the shift put pressure on the company’s technical infrastructure, resulting in frequent VPN issues. NYDFS said: “The hacker took advantage of these issues and pretended to call from Twitter’s IT department about VPN issues.”
The hacker’s claim was more credible, and ultimately succeeded, because Twitter employees were using VPN connections to work and often encountered VPN problems that required the assistance of the IT department.
The hacker directed employees to a fake website that looked identical to the legitimate Twitter VPN website and was hosted on a similarly named domain. “When employees enter their credentials into the phishing website, the hacker will also enter the information into the real Twitter website. This wrong login generates an MFA notification that requires employees to authenticate themselves, some of which have already been authenticated. Although some employees reported calls to Twitter’s internal fraud monitoring team, at least one employee believed that the hacker was lying.”
The report details the “internal account management tools” that Twitter maintains to handle a range of user account issues, and which the hackers were able to access. Many authorized Twitter employees have usernames and passwords to access these internal account management tools. According to the report:
In total, 130 Twitter user accounts were compromised during the Twitter hack. Of these, 45 accounts were used to send tweets. Twitter believes that for as many as 36 of the 130 targeted accounts, the hackers also accessed the DM inbox.
During its investigation, NYDFS learned that 15 cryptocurrency companies blocked transfers to the hacker addresses posted on Twitter, while 7 did not. Four crypto companies actively blocked attempts by their users to send BTC to the hacker’s Bitcoin address. NYDFS found in particular:
Coinbase blocked approximately 5,670 transfers worth approximately $1,294,000. Square blocked 358 transfer transactions, valued at approximately US$51,000. Gemini prevented two transfers, valued at approximately $1800. Bitstamp blocked a transfer, worth about $250.