Whatever Twitter eventually comes to say about the events of July 15th, 2020, when it suffered the most catastrophic security breach in company history, it must be said that the events were set in motion years ago.
Beginning in the spring of 2018
Scammers began to impersonate noted cryptocurrency enthusiast Elon Musk. They would use his profile photo, select a user name similar to his, and tweet out an offer that was effective despite being too good to be true: send him a little cryptocurrency, and he’ll send you a lot back.
Sometimes the scammer would reply to a connected, verified account (Musk-owned SpaceX, for example), giving it additional legitimacy. Scammers would also amplify the fake tweet via bot networks, for the same purpose.
The events of 2018 showed us three things
One, at least some people fell for the scam, every single time — certainly enough to incentivize further attempts.
Two, Twitter was slow to respond to the threat, which persisted well beyond the company’s initial comments that it was taking the issue seriously.
And three, the demand from scammers coupled with Twitter’s initial measures to fight back set up a cat-and-mouse game that incentivized bad actors to take more drastic measures to wreak havoc.
What happened recently at Twitter
The Twitter accounts of major companies and individuals have been compromised in one of the most widespread and confounding hacks the platform has ever seen, all in service of promoting a bitcoin scam that appears to be earning its creator quite a bit of money.
The hack appears to have subsided, but new scam tweets were posting to verified accounts on a regular basis starting shortly after 4 PM ET and lasting more than two hours.
Twitter acknowledged the situation after more than an hour of silence, writing on its support account at 5:45 PM ET, “We are aware of a security incident impacting accounts on Twitter. We are investigating and taking steps to fix it. We will update everyone shortly.”
Hacked Accounts of Twitter
Among the hacked accounts were President Barack Obama, Joe Biden, Amazon CEO Jeff Bezos, Bill Gates, the Apple and Uber corporate accounts, and pop star Kanye West.
But they came later. The first prominent individual account to be compromised? Elon Musk, of course.
Within the first hours of the attack, people were duped into sending more than $118,000 to the hackers. Attackers may have accessed a great number of sensitive messages.
Who did this and how?
At Vice, Joseph Cox reported that members of the underground hacking community are sharing screenshots suggesting someone gained access to an internal Twitter tool used for account management.
Twitter had deleted screenshots of the panel and suspended the users who had uploaded screenshots.
Cox’s reporting suggests that this is not a garden-variety hack in which a bunch of people reused their passwords, or a hacker used social engineering to convince AT&T to swap a SIM card.
One possibility is that hackers accessed internal Twitter tools. If a Twitter employee turns out to be involved, a possibility raised by Cox, this would be the second time in a year.
Twitter's response to the incident offered further cause for distress
Twitter had disabled the ability of many verified users to tweet or reset their passwords while it worked to resolve the hack’s underlying cause.
Twitter is one of the world’s most important communications systems. The National Weather Service in Lincoln, IL, for example, had just tweeted a tornado warning before suddenly going dark.
Someone could take over the account of a world leader and start a nuclear war. (A report on that subject from King’s College London came out just last week.)
Josh Hawley, the Missouri Republican who among other things wants to end content moderation, wrote a letter to Twitter CEO Jack Dorsey:
“I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself. As you know, millions of your users rely on your service not just to tweet publicly but also to communicate privately through your direct message service. A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security.”
And yet even Hawley doesn’t go far enough. The threat here is not simply user privacy and data security, though those threats are real and substantial.
It is about the striking potential of Twitter to incite real-world chaos through impersonation and fraud. As of today, that potential has been realized.
Twitter will likely spend the next several days investigating how this incident took place.
But it is vital that as soon as possible, Twitter shares as much about what happened today as it can and, just as importantly, what it will do to ensure that it never happens again.