Twitter account details of large-scale hacking case announced by Twitter, up to 8 accounts may have stolen detailed data such as DM



Famous names such as Tesla and SpaceX founder Elon Musk, Microsoft co-founder Bill Gates, former US president Barack Obama, and Democratic US presidential candidate Joe Biden. Regarding the problem that people's Twitter accounts were hacked all at once, Twitter revealed information that could be published at the time of article creation in its own blog.

An update on our security incident

https://blog.twitter.com/en_us/topics/company/2020/an-update-on-our-security-incident.html

Read Twitter's update on the huge hack — 8 accounts may have had private messages stolen-The Verge
https://www.theverge.com/2020/7/18/21329277/twitter-hack-breach-update-july-17-your-twitter-data-theft

On July 16, 2020, Twitter accounts such as Apple and Tesla founder Elon Musk were hacked all at once and posted a tweet about bitcoin fraud. What tweets were posted on the hacked account is detailed in the article below.

Twitter companies and celebrity accounts such as Apple and Elon Musk are hacked at once-GIGAZINE



The next day, on July 17, Twitter announced that there was no evidence of a leaked password for an account that was hacked as a result of an internal investigation.

Official announcement that there is no evidence of password leakage about Twitter's large-scale hacking incident-GIGAZINE



And on July 18, Twitter is reporting on the latest research on large-scale hacks. In addition, this report is a summary of information up to 13:00 on July 18, 2020 Japan time, and it is said that some information is not disclosed for security protection.

Twitter analyzes that the attacker who carried out this large-scale hacking attack targeted a specific Twitter employee using social engineering . Social engineering is 'a method of stealing information such as passwords necessary to break into a network without using information and communication technology', and Twitter said 'to perform a specific action and leak confidential information. 'Intentionally manipulating people.'

According to Twitter, the attacker manipulated a small number of employees and broke two-step verification etc. using the employee's credentials and accessed Twitter's internal system. It has been revealed that the attacker had access to tools available only to Twitter's internal support team and made hacking attacks against over 130 Twitter accounts. In addition, it seems that 45 of the accounts that received the hacking attack had their passwords reset by the attackers and posted a tweet about bitcoin fraud.



The 130 hacked attacks revealed: 'The account password is not stored in plain text, or the tools used in the attack cannot access the password, so I couldn't confirm what it was like.' However, it seems that the attacker was able to confirm personal information such as the email address and telephone number associated with the account. It has been pointed out that the 45 accounts that were taken over by the attackers could have been able to display additional information other than their email address and phone number.

Twitter

intends to continue forensics on all accounts that may have been hacked and see any actions that may have been taken. In addition, Twitter wrote, 'We may have tried to sell a part of the user name of the hacked Twitter account.'

Also, according to a Twitter survey, eight Twitter accounts that were damaged by this hacking attack may have downloaded account information using the ' Twitter data ' tool. Twitter data is a tool to provide account owners with details of Twitter accounts and activity summary, and it is also possible to check the contents of past direct messages (DM). In addition, Twitter wrote that there was no account whose identity was confirmed among the accounts that used Twitter data.



After the hacking attack was discovered, Twitter said it quickly managed to freeze any potentially damaged accounts and regain control. Security teams say they have revoked access to internal systems to prevent attackers from accessing the system or individual accounts. Since there are no more details that can be reported at the time of writing the article, technical details will be reported 'at the time when it becomes possible in the future'.

In addition, Twitter imposes functional restrictions on many accounts and prohibits tweet and password change, and it is said that measures have been taken to prevent fraudulent tweets from being posted by attackers. In addition, by temporarily freezing the account that tried to change the password after the hacking attack, it is said that the spread of hacking damage was prevented. It seems that many accounts have already had their functional restrictions removed, and the accounts that tried to change their passwords have also been temporarily frozen.

Twitter will continue to investigate hacking cases and will continue to work with law enforcement agencies in the longer term to improve the security of the system.

in Web Service,   Security, Posted by logu_ii