The hackers who got away with BTC 13.14 – worth approximately $146,000 – in the notorious Twitter hack on July 15 obtained the access they needed by targeting Twitter staff directly through a “phone spear-phishing attack,” Twitter said.
The criminals relied on “a significant and concerted effort to mislead” particular employees, and “exploit human weakness” to gain the access they required to carry out the crime, the social media giant said today.
The attack, now recognised as the most extensive hack in Twitter’s history, made headlines worldwide earlier in July as prominent personalities such as Barack Obama, Bill Gates, Elon Musk, and Michael Bloomberg all had their accounts compromised, with the hackers posting tweets urging followers to send them BTC.
Publishing the latest update from its internal investigation, Twitter said that the criminals managed to obtain credentials from the employees they targeted, thereby gaining access to the firm’s account support tools, which, in turn, gave them direct access to 130 Twitter accounts.
In its account of how the attackers managed to deceive Twitter employees into providing the access they needed, Twitter said that it is now “taking a hard look” at how account support tools can be made “more sophisticated.” It also noted that access to internal tools had been “significantly limited” to ensure a similar incident does not occur again.
The advanced spear-phishing attack that targeted Twitter should also serve as a lesson for the crypto community, which has already been plagued by phishing attempts in the form of fake exchange websites, phone scams, and email phishing campaigns.
As earlier reported by Cryptonetwork.news, phishing attacks are especially widespread in the world of cryptocurrency because, unlike bank transactions, payments made with cryptocurrency are almost impossible to reverse.
What typically happens is that scammers send out emails from addresses that closely resemble the legitimate addresses of crypto wallets or exchanges, usually differing by only a single letter. The email notifies users of supposed malicious login attempts and urges them to use the links it contains to update their account details on the platform. Once the user enters login information through the fraudulent link, the attackers gain access to the user’s account and can do as they please with any crypto-assets held there.
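A defensive check for the lookalike-sender pattern described above, added here as an example and not code from Twitter or the article. The trusted domains and sample headers are constructed placeholders; beyond the single-letter swap the article describes, it also flags a trusted name embedded as a sub-label of an unrelated domain.

```python
"""Flag e-mail senders whose domain imitates a trusted exchange or wallet."""

# Constructed allow-list: domains the user genuinely holds accounts with.
TRUSTED_DOMAINS = {"example-exchange.com", "example-wallet.io"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: minimum insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        cur = [i]
        for j, cb in enumerate(b, start=1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def classify_sender(address: str, trusted=TRUSTED_DOMAINS) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for a From: address."""
    # Accept both "user@domain" and "Display Name <user@domain>".
    domain = address.rsplit("@", 1)[-1].strip().rstrip(">").lower()
    if domain in trusted:
        return "trusted"
    for good in trusted:
        # One swapped, dropped or inserted character (e.g. '1' for 'l').
        if edit_distance(domain, good) <= 1:
            return "lookalike"
        # Trusted name used as a sub-label of some other registrable domain.
        if domain.startswith(good + ".") or ("." + good + ".") in domain:
            return "lookalike"
    return "unknown"


# Constructed sample From: headers in the style the article describes.
SAMPLE_SENDERS = [
    "security@example-exchange.com",
    "Support <security@examp1e-exchange.com>",
    "alerts@example-wallet.io.account-verify.net",
    "newsletter@unrelated-news.org",
]


def scan(senders=SAMPLE_SENDERS) -> dict:
    """Map each sample sender to its classification."""
    return {s: classify_sender(s) for s in senders}


if __name__ == "__main__":
    for sender, verdict in scan().items():
        print(f"{verdict:9} {sender}")
```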