Individuals who allegedly were part of the massive hack that brought Twitter to its knees on Wednesday claim that they paid a Twitter insider to help them hijack the Twitter accounts of numerous high-profile figures.
Some of the accounts that were hijacked included Bill Gates, Elon Musk, Barack Obama, Joe Biden, Jeff Bezos, Mike Bloomberg, Kanye West, Apple, Uber, Warren Buffett, Kim Kardashian, Cash App, Floyd Mayweather, and many others.
Motherboard reported:
A Twitter insider was responsible for a wave of high profile account takeovers on Wednesday, according to leaked screenshots obtained by Motherboard and two sources who took over accounts. …
“We used a rep that literally done all the work for us,” one of the sources told Motherboard. The second source added they paid the Twitter insider. Motherboard granted the sources anonymity to speak candidly about a security incident. A Twitter spokesperson told Motherboard that the company is still investigating whether the employee hijacked the accounts themselves or gave hackers access to the tool.
Twitter appeared to confirm, at least in part, the general gist of Motherboard’s report, that the hackers targeted Twitter employees as part of the attack.
“We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter Support wrote. “We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.”
We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.
— Twitter Support (@TwitterSupport) July 16, 2020
One of the screenshots that was produced in the hack allegedly showed the backend interface that Twitter employees see when managing accounts and which appears to show that they have the option of blacklisting trends and search features.
“Twitter has been deleting some screenshots of the panel and has suspended users who have tweeted them, claiming that the tweets violate its rules,” Motherboard added. “A Twitter spokesperson told Motherboard in an email that, ‘As per our rules, we’re taking action on any private, personal information shared in Tweets.'”
“We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely,” Twitter added in its statement on the platform. “Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.”
Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.
— Twitter Support (@TwitterSupport) July 16, 2020
Twitter CEO Jack Dorsey tried to appeal to people’s emotions after the devastating day for the platform, writing, “Tough day for us at Twitter. We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened. [Blue heart emoji] to our teammates working hard to make this right.”
Tough day for us at Twitter. We all feel terrible this happened.
We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.
💙 to our teammates working hard to make this right.
— jack (@jack) July 16, 2020