Musk, Gates, Biden, Apple Among Accounts Taken Over


Breach scale suggests Twitter admin takeover
Twitter’s security has been compromised tonight, with the breach used to take over the well-known Twitter accounts of Elon Musk, Jeff Bezos, Bill Gates and others in a Bitcoin scam that directs their followers to deposit Bitcoin in a specified wallet, with the false promise that contributions will be doubled.
Twitter has confirmed a security incident, saying “You may be unable to Tweet or reset your password whilst we review and address this incident”.
We are conscious of a security incident impacting accounts on Twitter. We are investigating and using ways to take care of it. We will update everyone shortly.
— Twitter Support (@TwitterSupport) July 15, 2020
The incident, which for once really does deserve the adjective “unprecedented”, has also seen the accounts of Apple, Uber and Kanye West taken over. Presidential candidate Joe Biden’s account is among those that have also tweeted the scam. Several appear to have been able to swiftly remove the Tweets. The situation is developing.
Yikes, strongest hypothesis is that the attackers have owned Twitter’s staff admin panel which permits Twitter employees to change pw/disable MFA to enable an attacker to take over a well known account and tweet on their behalf without dealing with their password or MFA.
— Rachel Tobac (@RachelTobac) July 15, 2020
Twitter Hacked: Admin Access Seems Likely
The scale of the incident suggests an attacker either gained access to a Twitter employee’s administrative privileges or found a sweeping vulnerability in the social platform’s login protocols. Given that many of the accounts are likely, in view of their high profile, to have enabled two-factor authentication, it looks plausible that someone senior at Twitter has been compromised and their privileges abused.
Notice the email addresses change. Twitter has no purpose to give employees native access to impersonate people.
Accounts are being stolen, auth token generated, and tweeted from. Notice how reputable people still have tokens to delete tweets. Not a clear strike. https://t.co/grlhbkhVhR
— Swift⬡nSecurity (@SwiftOnSecurity) July 15, 2020
Security company RiskIQ says it has identified infrastructure tied to the cryptocurrency scammers. The unverified list is on Pastebin.
RiskIQ scientists just doubled the selection of IoCs in the Pastebin. You should continue to observe it for updates as this scenario evolves https://t.co/D99QOpfbFc #twitterhack #twitterhacks #ThreatIntel #IOCs https://t.co/HZkJmDjRmM
— RiskIQ (@RiskIQ) July 15, 2020