LOS ANGELES—The Federal Bureau of Investigation has taken over the investigation of a stunning Twitter hack on Wednesday that took over a series of high profile accounts — including accounts used by Barack Obama, Joe Biden, Kim Kardashian, Jeff Bezos, and others — according to a report Thursday by the Reuters news agency.
The hackers used the celebrity accounts to tweet an apparent cryptocurrency scam, asking users to send the supposed account-holder $1,000 in BitCoin, in many cases saying that the sender would receive $2,000 in return. Reportedly, a number of Twitter users took the bait, sending approximately $120,000 worth of BitCoin cryptocurrency to the hackers.
Though there was widespread online speculation that the BitCoin scam was merely a cover or test for a larger incursion of some sort, the FBI San Francisco office on Thursday issued a statement saying, “at this time, the accounts appear to have been compromised in order to perpetuate cryptocurrency fraud,” according to CNBC correspondent Eamon Javers via his Twitter account. The FBI also confirmed that it is investigating the hack, according to Javers.
Twitter Support issued a statement on Wednesday saying that the hack was the result of “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
The statement went on to say that the hackers used the access to internal Twitter tools that they gained through the “social engineering attack” to seize control of the “highly visible” accounts. “Social engineering” refers to the practice by hackers of manipulating or fooling their victims into sharing confidential information, such as online passwords. The info is then used to access internet accounts owned or controlled by the unsuspecting targets.
On his own Twitter account, the controversial cybersecurity entrepreneur John McAfee speculated that the hackers may have taken advantage of a Twitter “two-factor authentication” policy to engineer a “SIM switch.”
Twitter CEO Jack Dorsey’s account was hacked last year using the “SIM switch” method. That trick involves obtaining the personal cell number of a target, then placing a phone call to that target’s cell phone carrier, asking them to switch the phone number to a new SIM card.
The hacker then has access to the victim’s phone, and can use it for two-factor authentication protocols. In Dorsey’s case, his cell number was inadvertently leaked due a security error by the service carrier. Hackers then accessed his account to send a series of offensive tweets.
But sources told the tech news site Motherboard that Wednesday’s more serious Twitter hack was an inside job.
“We used a rep that literally done all the work for us," said one unnamed source quoted by Motherboard, which added that second source claimed to have paid the alleged Twitter insider. Twitter had not yet determined whether its employees had been unwitting victims of “social engineering,” or whether one or more participated in the hack, according to Motherboard.
The site also published what its sources said were screenshots on internal tools used by Twitter administrators. The screenshots showed buttons on individual accounts reading “search blacklist” and “trends blacklist.”
Those “blacklist” buttons were previously revealed, however, in 2018, according to a separate Motherboard report published Thursday. Noting online speculation that the “blacklist” buttons were proof that Twitter engaged in “silencing” of certain users, Motherboard reporter Emanuel Maiberg and Jason Koebler said that the buttons were actually “common sense moderation tools.”
In 2018, according to Maiberg and Koebler, Twitter acknowledged that the tools were used to keep “bad-faith actors who intend to manipulate or divide the conversation” out of search and trending results. A Twitter spokesperson told the Motherboard reporters that the buttons visible in the leaked screenshots Wednesday were the same as those discussed two years ago.
Photo By Photo Mix / Pixabay