Supermeltdown for Twitter? This is what Swiss users need to know about the unique attack
The American social media service has inadvertently helped criminals to commit fraud. The financial damage is limited, but the loss of confidence can be enormous.
Unknown intruders on the internal network of the American company Twitter, manipulated security settings and distributed fake tweets via verified Twitter profiles from famous people and companies. The full extent of the damage is not yet predictable.
What must Swiss Internet users consider?
You should not currently rely on information distributed via Twitter, nor should you click on links published via social media services.
Due to the unsurpassed hacker attack on the US operator, the reliability of the entire platform is being questioned. Several Twitter profiles of prominent Americans and well-known American companies such as Apple have been compromised. This is despite the fact that some of the accounts concerned would have been protected against unauthorized access through additional security measures (two-factor authentication).
According to serious media reports, an “internal job” must be adopted. A Twitter employee is said to have helped unknown criminals gain access to administration software: This has been confirmed by several anonymous sources, reports the deputy.
What is the attacker’s motive?
The unknown criminals were worried about money. It is not known if other motives were involved.
For example, it is interesting that the Twitter profile of the US presidential candidate Joe Biden was manipulated with only 6.5 million followers, while Donald Trump’s profile with over 80 million followers was saved (see below: Which Twitter profiles are affected?)
The latest attack is one Airdrop Scam. In this fraud, unforeseen victims are tempted to send amounts in cryptocurrencies – mainly Bitcoin and Ethereum – to a specific wallet address. The perpetrators do this by exploiting the greed of potential victims and promising to repay the double amount. But the scams then disappear with the cryptocurrencies that are collected.
Who is behind the attack?
It is not known. The FBI is investigating.
A Twitter employee is said to have made his access data for the company’s network available to third parties.
Screenshots circulated on the Internet, which would show access to your internal software tool on Twitter.
How does Donald Trump react?
The US president has not yet commented.
Donald Trump is one of the most famous and most controversial Twitter users and was recently in a massive conflict with Twitter because the company had flagged some of its messages with warnings.
The Twitter profile @realDonaldTrump has over 83 million followers, but has been spared the latest hacker attack. In any case, according to the information available, no fraudulent tweets were distributed.
In 2017, a Twitter employee briefly deleted President Trump’s account before it was quickly installed, as a deputy recall.
Is Twitter insecure?
No platform is 100 percent secure.
According to the current state of knowledge, it is not a so-called SIM exchange attack, where hackers sneak into a victim’s mobile number.
Rather, the attackers can get login data from a Twitter employee, according to US media.
All technology companies face the problem of harmful insiders, says the US online medium’s motherboard, which belongs to “Vice”.
- Facebook employees used their privileged access to user data to persecute women.
- Snapchat employees had a tool called “Snaplion” that provides information about users.
- MySpace employees had abused a tool called “Overlord” to spy on users.
In 2019, two Twitter employees abused their access to the platform to spy on Twitter users for the Saudi regime, according to the US Department of Justice.
Are Swiss Twitter profiles at risk?
There is currently no evidence for this.
Who was hacked
The American company Twitter itself.
Unknown could access management software that made it possible to change the security settings for Twitter profiles.
Although not a hacker attack in the narrower sense: the perpetrator or perpetrators have been able to penetrate Twitter systems without exploiting a security hole or using a special attack tool: According to uncontrolled reports, a Twitter employee is said to have sold his access data on the black market.
According to a report from the online media Motherboard (“Vice”), a Twitter spokesman said that the company is still investigating whether an employee hijacked the accounts themselves or gave hackers access to the tool.
How does Twitter react?
In a series of tweets, the company has commented on the serious “security incident” and has the possibilities for a comprehensive investigation.
“We unveiled what we consider to be a coordinated social technology attack by people who have successfully targeted some of our employees with access to internal systems and tools.”
According to this presentation, Twitter employees were rested or asked by third parties to disclose their access data. At that time, the perpetrators had practically free rein.
“We know they used this access to take control of many visible accounts (including verified accounts) and to tweet on their behalf. We are investigating what other harmful activities they may have done or what information they have access to, and we will post more information here as we have it. »
They responded as quickly as possible.
“As soon as we found out about the incident, we immediately blocked the affected accounts and deleted the tweets provided. We also limited the functionality of a much larger group of accounts, such as all verified accounts (even those where there was no evidence of compromise), as we continue to investigate extensively. »
Profiles were temporarily blocked.
“We have blocked accounts that have been compromised and will only restore access to the original account holder if we are sure we can do so safely.”
By now, most of the accounts should work normally again, the company promises.
Which Twitter profiles are affected?
Twitter profiles of prominent Americans were attacked, but also the official accounts of well-known companies with hundreds of millions of followers.
Fake news for “Airdrop Scam” was distributed via the following Twitter profiles:
- Michael Bloomberg
- Jeff Bezos
- Joe Biden
- Bill Gates
- Kim Kardashian
- Elon Musk
- Barack Obama
- Kanye West
Are among the victims:
It started with this fake Elon Musk tweet:
“All major crypto-Twitter accounts” were also allegedly alleged, as Cameron Winklevoss tweeted, a US cryptocurrency and Bitcoin investor who founded Facebook with his twin brother.
The compromised crypto profiles included:
What are the consequences of the attack on Twitter?
The damage is not yet foreseeable.
The loss of confidence is likely to be enormous.
Republican Sen. Josh Hawley (Missouri) has ruthlessly demanded that Twitter boss Jack Dorsey’s hack attack be made public.