Twitter experienced a major attack from a cryptocurrency scam – which consisted of many high-profile accounts coming under threat. Post the Twitter hack, there has been a wave of speculation as to what possibly caused this unprecedented Twitter hack, and, most importantly, why! Reporters have now started to dig deep into this and also to understand by getting hold of information regarding the same.
A rough estimate points towards a total of 130 accounts being under the attack. The effect of this attack on these 130 accounts is still unclear. The New York Times has shed light on this twitter hack.
Twitter in its statement about the same has said, “We have no evidence that attackers accessed passwords,” along with mentioning that it does not think it is it necessary to change passwords at the moment. Twitter has not commented anything on the problem of direct messages being compromised.
“While it still isn’t clear if the hackers behind yesterday’s incident gained access to Twitter direct messages, this is a vulnerability that has lasted for far too long, and one that is not present in other, competing platforms,” Senator Ron Wyden said.
As per the report, it suggests that the attack may have been carried out by a group of hackers who assemble on OGusers.com. It is a username-swapping community which involves buying and selling online handles which majorly consists of single letters or numbers. In this case of Twitter hack, coveted accounts of high profile individuals were targeted.
The signs of this attack were visible when the Twitter account for the cryptocurrency exchange Binance had left a tweet which read about its partnership with “CryptoForHealth” to give out 5000 bitcoin to the community and provided with a link where people could make donations.
Moments after that tweet was posted, similar tweets went out from the accounts of high profile individuals like Joe Biden, Jeff Bezos, Barack Obama, Elon Musk and former New York City Mayor Michael Bloomberg and Warren Buffet.
A detail that has been revealed is how this group of hackers got the login credentials: it is suggested that they got this information from copying them from a message posted on the internal Twitter Slack channel, as reported by The Times.
It is still not clear as to how the hackers accessed Twitter’s Slack and if that is where they got the information from at all. Previous reporting from Motherboard said hackers may have got the information and access to the internal tool by probably giving bribe to an existing employee. However, it still is not certain if that is the case.
The OGusers hackers revealed to The Times to let them know that they are not involved with the attack and mentioned that a group referred to as Kirk targeted the accounts of Elon Musk and Joe Biden. It is unknown as to what led them to do that.