Hackers used a phone phishing scam on various Twitter employees to post malicious messages in a July bitcoin scam, Twitter Support said Thursday.
“A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools,” Twitter support wrote.
Using compromised employee credentials, the hackers obtained internal employee information and used it to gain access to the site’s account support tools, Twitter support said. Of the 130 accounts compromised, 45 accounts were used to post on Twitter, 36 direct message inboxes were accessed and 7 accounts had their information downloaded. (Related: FBI Opens An Investigation Into Twitter Hack Amid National Security Concerns: Report)
????130 total accounts targeted by attackers
????45 accounts had Tweets sent by attackers
????36 accounts had the DM inbox accessed
????8 accounts had an archive of “Your Twitter Data” downloaded, none of these are Verified
— Twitter Support (@TwitterSupport) July 23, 2020
The hackers seized control of verified accounts in order to post the bitcoin messages, including former president Barack Obama and former Vice President Joe Biden’s accounts, according to various Twitter posts.
“I am giving back to the community,” a deleted tweet from Biden’s account read. “All bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000. Only doing this for 30 minutes. Enjoy!”
— Donie O’Sullivan (@donie) July 15, 2020
Citing national security concerns, the FBI opened an investigation into the Twitter hacking scam, the Wall Street Journal and Reuters reported based on sources familiar with the matter.
The investigation into what occurred is still being conducted, Twitter support said.
Twitter’s U.S. Policy Communications Manager, Trenton Kennedy, directed the Daily Caller News Foundation to the Twitter blog post without further comment.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact firstname.lastname@example.org.