How Hackers Exploited Twitter’s VPN Problems, Obtained God Mode and Took Over Accounts

How Hackers Exploited Twitter’s VPN Problems, Obtained God Mode and Took Over Accounts
фото показано с : news.bitcoin.com

2020-10-26 22:15

An investigation by the New York State Department of Financial Services has revealed how the great Twitter hack in July happened. A total of 130 high-profile, celebrity accounts were compromised and many were used to tweet about a bitcoin giveaway scam.

How Twitter Was Hacked

The New York State Department of Financial Services (NYDFS) released its Twitter investigation report last week. It explains how the massive Twitter hack on July 15 happened, resulting in many high-profile accounts being accessed and used to tweet about a bitcoin giveaway scam.

A NYSE-listed technology company with a market cap of $40 billion, Twitter has more than 330 million total monthly active users and over 186 million daily active users, including over 36 million (20%) in the U.S., the NYDFS detailed.

The hack began on July 14 when one or more hackers called several Twitter employees, claiming to be calling from the IT department’s help desk about Twitter’s VPN, which a number of employees reported having problems with. “Employees had frequent problems with the VPN connections to the network,” the report details.

Twitter’s VPN problem ballooned when the company shifted to remote working in March due to the Covid-19 outbreak, which put a strain on the company’s technology infrastructure, resulting in frequent VPN problems. “The hackers took advantage of these issues and pretended to be calling from Twitter’s IT department about a VPN problem,” the NYDFS stated, elaborating:

The hackers’ claims were far more credible – and ultimately successful – because Twitter’s employees were all using VPN connections to work and routinely experiencing VPN problems that required IT’s assistance.

The hackers directed the employees to a phishing website that looked identical to the legitimate Twitter VPN website and was hosted by a similarly named domain. “As the employee entered their credentials into the phishing website, the hackers would simultaneously enter the information into the real Twitter website. This false log-in generated an MFA notification requesting that the employees authenticate themselves, which some of the employees did,” the NYDFS explained. “While some employees reported the calls to Twitter’s internal fraud monitoring team, at least one employee believed the hackers’ lies.”

The report details that Twitter maintains “internal account management tools” to manage a range of user account issues, which the hackers gained access to. A number of authorized Twitter employees have a username and password to access these internal account management tools. According to the report:

Overall, 130 Twitter user accounts were compromised during the Twitter hack. Of those, 45 accounts were used to send tweets. Twitter believes that for up to 36 of the 130 targeted accounts, the hackers also accessed DM inboxes.

During its investigation, the NYDFS conducted a survey and learned that 15 cryptocurrency companies blocked transfers to the hackers’ addresses posted on Twitter, and seven did not. Four crypto companies actively blocked their users’ attempts to send BTC to the hackers’ bitcoin addresses. In particular, the NYDFS found:

Coinbase blocked approximately 5,670 transfers, valued at approximately $1,294,000. Square blocked 358 transfers, valued at approximately $51,000. Gemini blocked two transfers, valued at approximately $1,800. Bitstamp blocked one transfer, valued at approximately $250.

What do you think about this Twitter hack? Let us know in the comments section below.

The post How Hackers Exploited Twitter’s VPN Problems, Obtained God Mode and Took Over Accounts appeared first on Bitcoin News.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Bitcoin (BTC) на Currencies.ru

$ 95742.75 (-1.47%)
Объем 24H $40.289b
Изменеия 24h: -1.76 %, 7d: -6.90 %
Cегодня L: $95742.75 - H: $97458.26
Капитализация $1895.671b Rank 1
Цена в час новости $ 12947.83 (639.45%)

accounts twitter happened total 130 july giveaway

accounts twitter → Результатов: 126


Фото:

Yes, you’re losing Twitter followers. No, it’s not because you’re an asshole (probably).

Twitter today announced it’d be removing locked accounts from users’ follower counts.  If you’ve noticed a precipitous drop in follower counts today, it’s not you — it’s your followers. Reports surfaced earlier this week that Twitter had suspended a multitude of fake accounts in the months of May and June — apparently in an attempt to curb the rise of bot and their accompanying cocktail of issues.

2018-7-12 02:47


Фото:

Twitter Experience Worsens, Ether Fake Giveaways Taking Over

Fake ether token giveaways are clogging Twitter threads, and seemingly by the second. Targeting well-known ecosystem figures, doppelganger accounts are created, complete with matching avatars. A particularly active post can almost assuredly be counted on to receive seemingly organic calls for participation in free crypto programs hosted by the respective personality.

2018-6-12 14:15