Twitter Reveals Hackers Accessed DMs Of 36 Hacked Accounts Including Netherlands Politician In Massive Bitcoin Scam
Twitter has revealed that hackers accessed the Direct Message (DM) inbox of up to 36 of the 130 targeted users, including one elected official in the Netherlands.
It would be recalled that the Twitter accounts of prominent people and companies including Democratic presidential candidate Joe Biden, former President Barack Obama, Tesla CEO Elon Musk, Bill Gates, Jeff Bezos, Kanye West, Kim Kardashian, Mike Bloomberg, Apple and Uber among others were hacked on July 15.
They made tweets, which were later deleted, asking users to send $1,000 (€876) in bitcoin donations within half-an-hour and get double the money in return.
The scammers received $120,000 worth of Bitcoin in 500 transactions, a scam dubbed as one of the largest ever on a social media site.
The company has said it is communicating directly with impacted account owners and will share updates “when we have them”.
In Thursday’s update, Twitter said the direct message inbox of 36 of the 130 accounts hacked, including one elected official in the Netherlands, were accessed.
It also said there are no indications that the hackers looked at DMs of any other elected official aside from the Netherlands politician.
We believe that for up to 36 of the 130 targeted accounts, the attackers accessed the DM inbox, including 1 elected official in the Netherlands. To date, we have no indication that any other former or current elected official had their DMs accessed.
— Twitter Support (@TwitterSupport) July 22, 2020
The social media giant stated that 130 accounts were targeted by the attackers, 45 accounts had Tweets sent by attackers, 36 accounts had the DM inbox accessed and downloaded Twitter data from eight non-verified accounts.
🔹130 total accounts targeted by attackers
🔹45 accounts had Tweets sent by attackers
🔹36 accounts had the DM inbox accessed
🔹8 accounts had an archive of “Your Twitter Data” downloaded, none of these are Verified
— Twitter Support (@TwitterSupport) July 23, 2020
The micro-blogging platform revealed that;
The attackers were not able to view previous account passwords, as those are not stored in plain text or available through the tools used in the attack.
However, the attackers were able to view personal information including email addresses and phone numbers, which are displayed to some users of the internal support tools.
Last week, the social media giant admitted that the cryptocurrency hack was a “coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools”.
Twitter has not yet revealed who or where the attack came from, and said its investigation is ongoing.
A probe by the FBI is underway and the US Senate had demanded the company brief Congress on the hack.