Hackers rang up Twitter employees and tricked them into handing over credentials

  • Twitter published an update on its investigation into the highly visible hack it suffered earlier this month.
  • It says the hack began with a "phone spear phishing attack" on a small number of employees.
  • The attackers used these initial employees' credentials to learn more about Twitter's processes, and then target more employees with higher levels of access to internal tools.

The hack that landed Twitter in the headlines earlier this month appears to have started with a phone call.

Twitter on Thursday published an update on its investigation into the hack that took place on July 15, when hackers gained access to 130 accounts and tweeted links to a bitcoin scam from high-profile accounts including those belonging to Barack Obama, Joe Biden, Elon Musk, Bill Gates, Kim Kardashian, and more.

Twitter said the hack started with a "phone spear phishing attack" on a small number of employees. Spear phishing is a targeted attack on specific individuals or an organization, in which the attacker poses as a member of the target's company, or as someone else the target trusts, in order to deceive them.

It seems the hackers were able to talk at least some of the employees into telling them their credentials.

"A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools. Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes. This knowledge then enabled them to target additional employees who did have access to our account support tools," Twitter wrote in its blog.

Reports emerged shortly after the hack that the hackers had gained access to an internal employee dashboard which allowed them to change the emails associated with accounts and reset their passwords.

"Using the credentials of employees with access to these tools, the attackers targeted 130 Twitter accounts, ultimately Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7," the company added.

Previously Twitter said up to 8 accounts had had their data downloaded by the hackers.
