Twitter reveals how Bitcoin scammers hijacked celebrity accounts

WION Web Team Washington, United States Jul 31, 2020, 05.25 PM(IST)

The Twitter logo and binary cyber codes are seen in this illustration. Photograph:( Reuters )

Story highlights

Hackers had accessed Twitter's internal systems on July 15 to hijack some of the platform's top voices including US presidential candidate Joe Biden, reality TV star Kim Kardashian, former US President Barack Obama and billionaire Elon Musk and used them to solicit digital currency.

Social media giant Twitter on Friday explained how Bitcoin scammers hijacked celebrity accounts of Barack Obama, Jeff Bezos and Kim Kardashian two weeks ago.

The tech firm revealed that hackers responsible for the recent high-profile breach used a phone to fool the social media company's employees into giving them access.

They used the technique of "spear-phishing" to attack, which is a practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information.

Also read: Australia unveils law forcing Google, Facebook to pay for news

Attackers also targeted specific employees who had access to account support tools, Twitter said, adding that it restricted access to its internal tools and systems ever since the incident occurred.

Hackers had accessed Twitter's internal systems on July 15 to hijack some of the platform's top voices including US presidential candidate Joe Biden, reality TV star Kim Kardashian, former US President Barack Obama and billionaire Elon Musk and used them to solicit digital currency.

Also read: Amazon takes on SpaceX, set to invest $10 billion in satellite broadband plan

Publicly available blockchain records show the apparent scammers received more than $100,000 worth of cryptocurrency.

The hackers targeted 130 accounts. They managed to tweet from 45 accounts, access the direct message inboxes of 36, and download the Twitter data from seven. Dutch anti-Islam lawmaker Geert Wilders has said his inbox was among those accessed.

Twitter didn't provide any more information about how the attack was carried out, saying it would provide a more detailed report later, given the ongoing law enforcement investigation. The company has previously said the incident was a coordinated social engineering attack that targeted some of its employees with access to internal systems and tools.