Social engineering at the root of Twitter’s high-profile account hacks

Elon Musk, Jeff Bezos, Bill Gates, Joe Biden and Barack Obama are just some of the accounts compromised during the attack.

The tweet posted on Bill Gates' official Twitter stream while it was controlled by hackers.

Following a series of tweets from the American social networking giant, Twitter has confirmed that the security breach which compromised several extremely high-profile accounts was caused by a successful social engineering campaign against its employees. This gave the bad actors access to internal systems and employee privileges. At the time of writing, Twitter believes a total of 130 accounts were affected.

“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,”

“We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf.”

Twitter

The implication of the message is that not just one, but multiple employees fell victim to the social engineering attack. This is yet another example of how employees, and the threat surface they control, are often the weakest link in the security chain.

Twitter has not officially released any specific information on which employee tools were compromised, but several screenshots of an admin tool used to take control of accounts and recover passwords are surfacing in underground hacking communities.

A screenshot of the tool used to control Twitter accounts.

Anonymous hackers claiming responsibility for the incident told reporters at Motherboard that they paid a Twitter insider to gain access to the admin tool.

“We used a rep that literally done all the work for us”

Anonymous Hacker

Several statements from Twitter have confirmed it is investigating the issue and working on measures to tighten its internal security.

“Tough day for us at Twitter. We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.”

Jack Dorsey – CEO, Twitter

One measure taken has been to disable the password reset feature for many accounts without warning. This has baffled many security-conscious users attempting to reset their passwords in the wake of the news. Twitter has given no indication of when this will be resolved, only that it is working to fix it.

“This is a widespread issue related to a security incident that we are investigating and working to fix. Some users may not be able to change the password or access their accounts at the moment unfortunately.”

Spokesperson – Twitter

While this incident is potentially massive in its destructive effect, it is not some new and advanced form of hacking never seen before. It is another case of an organisation being uninformed of the danger posed to its customers by its own employees.

Social engineering was at the root of this breach, and directly or indirectly, social engineering is at the root of over 90% of data breaches each year.

Reducing the overall size of an organisation's cyber threat surface should be a priority for everyone within it. Understanding where the largest threats lie is the first step in this journey.

At PhishingTackle.com, we have created a number of free tools to help organisations take these steps. One such tool is the Free Click-Prone® Test, which reveals how many users within an organisation are susceptible to a modern-day social engineering attack.