How did Twitter's hackers do it? Here's one likely explanation
By Robert Hackett
Update: Twitter confirmed it believes hackers targeted employees with “a coordinated social engineering attack” that gave the hackers access to “internal systems and tools.”
Cybersecurity experts are speculating about the cause of a spate of high-profile Twitter hijackings that rocked the social media giant on Wednesday.
The accounts of many of Twitter’s most prominent users, including former Vice President Joe Biden, Tesla CEO Elon Musk, and Microsoft co-founder Bill Gates, posted fraudulent tweets intended to lure people into Bitcoin-related scams.
The growing consensus is that Twitter—the company, rather than individual users impacted—succumbed to a major hack. While the technical details of the latest breach remain unclear, the leading theory is that hackers gained access to an administrative “panel” used by Twitter employees to manage people’s accounts.
Screenshots of the purported panel circulated online in the aftermath of the hacking, as Vice Motherboard reported. Twitter has deleted the images, saying they violate the company’s rules about sharing “private, personal information” in tweets.
A source with intimate knowledge of the company’s internal workings told Fortune this theory was the likeliest explanation for the widespread account hijackings. The individual requested anonymity because of a lack of authorization to speak to press.
“Think of this like a web form,” the source said, describing Twitter’s technical infrastructure. Such tools enable the company's engineers to handle key operations—everything from account suspensions to advertising campaigns.
But these tools can also allow an attacker—such as a rogue, hacked or otherwise compromised insider—to "come in sideways" and send a tweet from any account, the source said.
Twitter did not respond to Fortune’s questions about the hack, and instead pointed to its public comments. In those comments, the company said it had temporarily disabled tweets and password resets by “verified” accounts while attempting to regain control, an unprecedented measure.
It’s unclear who's behind the hacking. The perpetrators may have at least been partly motivated by money, given their public posts requesting that Twitter users send them cryptocurrency.
"We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it," Twitter said.
https://fortune.com/2020/07/15/twitter-hacking-how-they-did-it/