The social media platform Twitter has revealed the cause of massive hack earlier this month that spread a cryptocurrency scam by hijacking accounts of high-profile celebrities, politicians, and businesses. The tech giant says that it was a result of a phone spear phishing attack.
“A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools,” Twitter said in an update on its investigation to the issue on Thursday.
The attackers targeted 130 Twitter accounts, ultimately tweeting from 45, accessing the DM (Direct Messages) inbox of 36, and downloading the Twitter Data of 7.
On the question of what is phone spear phishing in this specific case it’s not clear what particular technique was successfully able to penetrate Twitter’s defences. Spear phishing generally refers to an individually tailored social engineering attack, with the added component here of phones being involved in the targeting, reports Techcrunch.
Also Read: Musk slams Twitter
In the incident that occurred on July 15, accounts of major public figures including Barack Obama, Elon Musk, Bill Gates, Jeff Bezos, US Democratic presidential candidate Joe Biden, Apple, Uber were simultaneously hacked by attackers to spread a bitcoin scam.
The incident raised concerns around Twitter tools and levels of employee access.
Twitter said it has “zero tolerance” for misuse of credentials or tools, actively monitors for misuse, regularly audits permissions, and takes immediate action if anyone accesses account information without a valid business reason.
“Since the attack, we’ve significantly limited access to our internal tools and systems to ensure ongoing account security while we complete our investigation,” Twitter said.
As a result, some features – namely, accessing the Your Twitter Data download feature – and processes have been impacted.
Twitter said it will be slower to respond to account support needs, reported tweets, and applications to its developer platform.
“We’re sorry for any delays this causes, but we believe it’s a necessary precaution as we make durable changes to our processes and tooling as a result of this incident,” Twitter said.
“We will gradually resume our normal response times when we’re confident it’s safe to do so,” the company added.
Twitter said its investigation is ongoing, and it is working with the appropriate authorities to ensure that the people responsible for this attack are identified.