Yesterday, Wednesday’s hacking wave that silenced some of the most popular accounts on the social media platform raises questions about its safety and its ability to adapt while preparing for the US presidential elections.
Twitter said yesterday evening that hackers have obtained passwords for workers and hacked accounts, including the account of Joe Biden, the Democratic presidential candidate and former President Barack Obama, and Kim Kardashian, reality TV star and billionaire Elon Musk, founder of the Tesla Automobile Company.
“We detected what we believe to be a coordinated attack in social engineering by people who have successfully targeted some of our employees who have access to internal systems and tools,” the company said in a series of tweets.
She added that the hackers took advantage of this “to control many of the accounts that have strong follow-up (including official accounts) and to post tweets in the name of their owners.”
The company’s data confirmed security experts ’concerns that the security of the Twitter platform itself, not users, is what is at risk.
The role played by Twitter as a platform for communication for political candidates and officials, including President Donald Trump, has led to fears that infiltrators could cause chaos in the November 3 US presidential election or jeopardize national security.
“This is a wretched situation on July 15, but it will definitely be worse on November 3,” said Adam Conner, vice president of technology policy at the Center for American Progress, a liberal think-tank.
With celebrities and wealthy impersonators, hackers have asked their followers to send Bitcoin to a series of addresses. By evening, transfers of 400 bitcoins had made the equivalent of $ 120,000.
Half of the victims had accounts on the US Bitcoin exchanges, one quarter in Europe and the other in Asia, according to Ileptec Analytics.
These transfers left traces through which investigators can identify the perpetrators of the breach. Perhaps one of the factors that limited the financial damage was that many exchanges prevented the transfer of other payments after targeting their Twitter accounts.
Perhaps the damage to the reputation of Twitter is more serious and what has bothered some more than anything else throughout the period it took the company to stop fake tweets.
“Twitter’s response to this breakthrough was amazing. Today was in the middle of it in San Francisco and it took them five hours to control this incident,” said Dan Gedo, chief executive of Trail of Bits security services.
Worse, the circumvention of Bitcoin exchange is just a ruse to divert attention from a more serious penetration such as collecting direct messages to account holders.
Twitter said it has not yet confirmed whether the hackers have done anything other than sending bitcoin tweets.
The company said: “We are investigating the matter to find out any other harmful activity that they may have practiced or any information that they may have accessed, and we will announce anything we can reach.”
There has already been widespread penetration of Twitter accounts by stealing worker credentials that allow them to access networks or problems with third party applications used by a large number of users.
Yesterday’s hack was the worst so far. A number of users who use only two items to verify identity said that they were unable to prevent penetration.