UPDATE 7/18: Twitter says the attackers may have viewed private information from the 130 accounts targeted in Wednesday's hack.
In an update on Friday, the company said the culprits were able to see the email addresses and phone numbers registered to the 130 accounts.
In total, the culprits successfully hijacked 45 out of the 130 targeted accounts, which enabled them to send tweets about the Bitcoin scam.
"For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account’s information through our '' tool," the company said.
As a result, the attackers potentially had the ability to download a copy of the private direct messages sent to and from the eight victimized accounts.
However, Twitter noted that none of the eight accounts were verified, meaning they probably didn't belong to any major public figures.
In the same update, Twitter also apologized for the security incident.
"We’re embarrassed, we’re disappointed, and more than anything, we’re sorry.
We know that we must work to regain your trust, and we will support all efforts to bring the perpetrators to justice," the company said.
According to The New York Times, the culprits pulled off Wednesday's epic hack by first breaching the company's internal messaging channel on Slack, the business chat platform.
Apparently, company staff had posted the login credentials to Twitter's internal admin tool in the same channel.
Original story:
This week’s epic Twitter hack targeted about 130 accounts, although only a “small subset” were actually hijacked, according to the company.
“Based on what we know right now, we believe approximately 130 accounts were targeted by the attackers in some way as part of the incident,” Twitter said in a Thursday update.
“For a small subset of these accounts, the attackers were able to gain control of the accounts and then send Tweets from those accounts.”
The hackers took control of internal tools by paying a Twitter insider for the access, Motherboard reports.
This allowed them to change the registered email addresses on targeted accounts, at which point the hackers were likely able to reset account passwords and even revoke two-factor authentication settings, paving the way for the takeovers.
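The takeover chain described above (change the registered email, then reset the password and revoke two-factor authentication) leaves a distinctive footprint in an admin tool's audit trail: the same privileged operator performing those actions against the same account within minutes, and then repeating it across many accounts. The following detector is an added example written for this article, not Twitter's code; the log format, action names and sample lines are constructed for illustration.

```python
"""Flag account-takeover sequences in an internal admin tool's audit log.

Hypothetical log format (constructed for this example):
    <ISO-8601 timestamp> <admin user> <action> <target account>
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample audit log: admin_alice runs the full takeover chain on two
# accounts in quick succession; admin_bob performs isolated, routine support actions.
SAMPLE_LOG = """\
2020-07-15T20:01:10Z admin_alice  change_email   @victim_one
2020-07-15T20:01:44Z admin_alice  reset_password @victim_one
2020-07-15T20:02:05Z admin_alice  disable_2fa    @victim_one
2020-07-15T20:03:12Z admin_alice  change_email   @victim_two
2020-07-15T20:03:40Z admin_alice  disable_2fa    @victim_two
2020-07-15T21:15:00Z admin_bob    change_email   @support_case_a
2020-07-16T09:30:00Z admin_bob    reset_password @support_case_b
"""

# Privileged actions that, combined, let an operator seize an account.
TAKEOVER_ACTIONS = {"change_email", "reset_password", "disable_2fa"}


def parse_log(text):
    """Parse log lines into (timestamp, admin, action, target) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, admin, action, target = line.split()
        events.append((datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), admin, action, target))
    return events


def find_takeover_sequences(events, window=timedelta(minutes=10)):
    """Return (admin, target, actions) for every admin/account pair where an
    email change is followed by a password reset and/or 2FA removal inside `window`.
    A lone email change (a normal support task) does not trigger an alert."""
    by_pair = defaultdict(list)
    for ts, admin, action, target in events:
        if action in TAKEOVER_ACTIONS:
            by_pair[(admin, target)].append((ts, action))

    alerts = []
    for (admin, target), acts in by_pair.items():
        acts.sort()  # chronological order per admin/account pair
        actions = [a for _, a in acts]
        if "change_email" in actions and TAKEOVER_ACTIONS & set(actions) - {"change_email"}:
            span = acts[-1][0] - acts[0][0]
            if span <= window:
                alerts.append((admin, target, actions))
    return alerts


def admins_with_mass_takeover(alerts, threshold=2):
    """Admins who triggered takeover alerts on at least `threshold` distinct accounts,
    the 'any account they desired' pattern rather than a single suspicious case."""
    counts = defaultdict(int)
    for admin, _, _ in alerts:
        counts[admin] += 1
    return {admin for admin, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    alerts = find_takeover_sequences(parse_log(SAMPLE_LOG))
    for admin, target, actions in alerts:
        print(f"ALERT {admin} -> {target}: {' -> '.join(actions)}")
    print("mass-takeover admins:", admins_with_mass_takeover(alerts))
```

The per-account rule catches a single hijack; the per-admin count surfaces the insider or stolen-credential case, where one operator account is used against many targets. In practice the same logic would consume the audit feed of whatever tool grants this access and page on the mass-takeover condition, since the window in which the hijacked accounts were used to tweet was only minutes long.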
Ultimately, accounts belonging to public figures including Barack Obama, Bill Gates and Elon Musk were compromised.
The attackers tweeted out a Bitcoin scam, which managed to collect over $119,000. The hack was so swift and brazen, it seemed like the culprits had access to any account they desired.
Official profiles belonging to Apple, Uber, Jeff Bezos, Joe Biden, and Kim Kardashian West were also accessed, giving the attackers a massive platform to promote their scheme.
One lingering question is whether the attackers had access to the accounts' private direct messages, potentially exposing juicy information.
Twitter is still trying to determine the answer.
However, the company says the attackers never had access to user passwords.
As for who pulled off the hack, evidence is emerging that the user behind the Twitter account @shinji was one of those responsible.
In the midst of Wednesday’s epic hack, the account briefly tweeted a screenshot of the internal admin tool Twitter uses to control people’s accounts.
At one point, @shinji also bragged about hijacking another Twitter account.
Twitter has since shut down the @shinji account, and has been deleting screenshots of the internal admin tool he posted.
According to security journalist Brian Krebs, the @shinji account may belong to a 21-year-old UK resident, who’s been active in the hacking community.
Fortunately, the goal of this week's hack appears to be a Bitcoin scam.
However, US lawmakers are worried more devious actors could pull off a similar scheme to manipulate an election or start a war.
“It is not difficult to imagine future attacks being used to spread disinformation or otherwise sow discord through high-profile accounts, particularly through those of world leaders,” US Senator Roger Wicker (R-Mississippi) wrote in a letter to Twitter CEO Jack Dorsey that demands details about the hack.
According to The New York Times, President Donald Trump’s Twitter account has been under a “special kind of lock-and-key” protection since 2017, when a Twitter contractor temporarily deleted the President’s account.
In the meantime, Twitter is still investigating the incident, which is resulting in the temporary shutdown of certain features, including downloading your Twitter data.
“We have also been taking aggressive steps to secure our systems while our investigations are ongoing,” the company added.
“We’re still in the process of assessing longer-term steps that we may take and will share more details as soon as we can.”