A Twitter insider was responsible for a wave of high profile account takeovers on Wednesday, according to leaked screenshots obtained by Motherboard and two sources who took over accounts.
"We used a rep that literally done all the work for us," one of the sources told Motherboard. The second source added they paid the Twitter insider. Motherboard granted the sources anonymity to speak candidly about a security incident. A Twitter spokesperson told Motherboard that the company is still investigating whether the employee hijacked the accounts themselves or gave hackers access to the tool.
The accounts were taken over using an internal tool at Twitter, according to the sources, as well as screenshots of the tool obtained by Motherboard. One of the screenshots shows the panel and the account of Binance; Binance is one of the accounts that hackers took over today. According to screenshots seen by Motherboard, at least some of the accounts appear to have been compromised by changing the email address associated with them using the tool.
The bad news: Twitter has now revealed that the attackers may indeed have downloaded the private direct messages (DMs) of up to 8 individuals while conducting their Bitcoin scam, and were able to see “personal information” including phone numbers and email addresses for every account they targeted.
That’s because Twitter has confirmed that attackers attempted to download the entire “Your Twitter Data” archive for those 8 individuals, which contains DMs among other info.
If Trump starts tweeting in complete sentences, with good grammar and punctuation, then we know it's not really him. The only way to impersonate Trump tweets would be to feed it through a Russian translator, then an English translator, then a malfunctioning autocorrect.I never had a Twitter account, but for now I will even stop clicking on Twitter posts here.
If the company can't guarantee that the tweets come from the real account holder..... nah.
Before you know it, someone is posting bullshit on the 45 account, and no one will ever notice the difference.
Mr. O'Connor said other hackers had informed him that Kirk got access to the Twitter credentials when he found a way into Twitter’s internal Slack messaging channel and saw them posted there, along with a service that gave him access to the company’s servers.
What's needed is the opposite of autocorrect-- an autofail, perhaps?If Trump starts tweeting in complete sentences, with good grammar and punctuation, then we know it's not really him. The only way to impersonate Trump tweets would be to feed it through a Russian translator, then an English translator, then a malfunctioning autocorrect.
Early this morning, the FBI, IRS, US Secret Service, and Florida law enforcement placed a 17-year-old in Tampa, Florida, under arrest — accusing him of being the “mastermind” behind the biggest security and privacy breach in Twitter’s history, one that took over the accounts of President Barack Obama, Democratic presidential candidate Joe Biden, Bill Gates, Elon Musk, and more to perpetrate a huge bitcoin scam on July 15th.
The teen is currently in jail, being charged with over 30 felony count, including organized fraud, communications fraud, identity theft, and hacking, according to Hillsborough State Attorney Andrew Warren in a just-broadcast news conference describing the arrest.
It’s not clear whether the 17-year-old is the only suspect in the case. “I can’t comment on whether he worked alone,” said Warren. He was arrested at his apartment where he lives by himself, authorities stated.