On Twitter Support’s profile, a report of the accounts that were hacked into the social network on July 15 was published.
Our investigation continues, but we wanted to share more specifics about what the attackers did with the accounts they accessed. Following a complete review of all targeted accounts, here is more detail on what we know today:
— Support (@Support) July 22, 2020
Confirming that a total of 130 accounts have been hit by the hack, it was revealed that of these, 36 have been completely taken over by the hackers, so that they also had access to the direct message mailbox (DM). Among them we also had that of a politician elected in the Netherlands.
Despite this, they were not able to view the passwords previously used by the targeted accounts, as these are not stored in clear text and are not visible with the tools used in the attack.
Of 8 accounts, however, they were also able to download the data archive, known as “Your Twitter Data” (YTD), containing all the account activities. None of these 8 profiles, however, was a verified account.
So in summary:
- a total of 130 accounts were attacked
- out of 45 of these, tweets have been posted by the attackers.
- out of 36 attackers also managed to access the DM box
- out of 8 were able to access the YTD archive.
Although these numbers seem to describe this as a relatively small attack, actually the scope of the scam tweets published by the attackers on those 45 profiles was really remarkable, given the names involved (Barack Obama, Joe Biden, Elon Musk, Bill Gates, Jeff Bezos, Justin Sun, CZ, etc.).
Also the numbers related to bitcoin transactions received do not seem very high: 12.87 BTC with only 396 transactions.
However, they could have been many more if the crypto exchanges hadn’t taken immediate shelter and prevented their users from sending bitcoins to the public address of the scammers.
In other words, the severity of the incident remains exceptional, but it could have been much worse if they had managed to get their hands on more accounts, and if exchanges hadn’t prevented their users from actually giving hackers their bitcoin.
Now it is hoped that the company has taken all the necessary measures to prevent such an attack from happening again, as the hackers have managed to get into the platform’s internal management system probably with social engineering techniques aimed at some of their employees.