A Twitter Employee Might Give Hackers Access To Internal Tools Used In Recent High-Profile Attack

After investigating into the incident resulting in the take-over of some high-profile accounts of Elon Musk, Bill Gates, and Barack Obama, Twitter confirmed the hackers behind this attack had access to the privileges and tools available to the company's employees only.

The company said it identified a coordinated social engineering attack aimed at employees with access to the platform’s internal tools and systems. Next, the attackers took advantage of these tools to take over the accounts of some household names and tweet on their behalf.

It appears Twitter admits several of its employees have been compromised, not just one individual. While the company said nothing on the process the hackers undertook to take over control of these high-profile accounts, Motherboard reported screenshots showing an internal admin tool used to hack Twitter accounts were being shared among several hacking circles.

Motherboard said some hackers paid an employee of the company to change the email addresses of these popular accounts so that they could take control of them.

The magazine also made public screenshots of the internal tool it believes the hackers used in this attack. Twitter has removed the pictures and suspended accounts that shared them for violation of its policies.

For now, we have no idea if this was how the attack was conducted as Twitter has confirmed nothing. However, the scale of the attack and the fact that some of the accounts are super-sensitive and protected by two-factor authentication prove the attackers must at least have indirect access to internal tools.

Twitter said it was investigating to find out what other things the attackers had done or any other they had stolen. The attackers behind this hack used the accounts they took over to promote a bitcoin scam with one of the most serious cases a victim sent $120,000 worth of bitcoin to the website listed on the posts.

According to Twitter, the hack may go beyond just a cryptocurrency scam. Many of the hacked accounts have political or business nature and hackers would benefit greatly from having access to their messages and other private information.

After this incident, the company will likely be questioned about the security measures it intends to place to prevent similar attack attempts from happening in the future. It is possible the company will also be inquired by the government.

As stated by the company, after learning about the attack, it had immediately locked the hacked accounts and removed posts of the cryptocurrency scam. The company even took an unprecedented move of temporarily disable verified accounts’ ability to make new tweets.

The company said the move was disruptive but it did so to minimized risks. It has restored most functionalities on the platform but further actions would be taken and the public would be notified about them.

>>> Hackers Reportedly Earn 120,000$ From Hacking Major Twitter Accounts