Following the hijacking of multiple high-profile Twitter accounts, security experts have warned that the hack could have been “much worse” than the Bitcoin scam that hackers ran from the accounts.
The Daily Mail reports that following the recent wave of high-profile Twitter accounts being hijacked by hackers, security experts have warned that the hack could have been “much worse” than the Bitcoin scam that was executed with the accounts. Leaked screenshots obtained by Motherboard from two sources who hijacked the accounts appear to confirm that the hack was made possible by compromising an employee at the company.
The accounts hijacked include Democratic Presidential candidate Joe Biden, Former President Barack Obama, Tesla CEO Elon Musk, Microsoft founder Bill Gates, and the official accounts of ridesharing service Uber and tech giant Apple. One source who alleges to be behind the attack told Motherboard directly, “We used a rep that literally done all the work for us,” adding that the hackers used a Twitter insider that they paid.
The Daily Mail now reports that hackers have received approximately $116,000 worth of Bitcoin (12.8 Bitcoin) from over 300 people. One intelligence official told the New York Times that the idea that hackers could easily gain access to the accounts of world leaders was “scary.”
Alex Stamos, the director of the Stanford Internet Observatory and the former chief security officer at Facebook, commented: “It could have been much worse. We got lucky that this is what they decided to do with their power.”
Adam Conner, vice president for technology policy at the Center for American Progress, noted that the hack could have a serious effect on politicians and the upcoming U.S. presidential election. “This is bad on July 15 but would be infinitely worse on November 3,” Conner stated.
Kevin Mitnick, a hacker turned security consultant, commented that if hackers gained access to the Direct Messages of world leaders, the information contained in those messages could open up the victims to blackmail causing a threat to national security. “You can imagine if those messages were released or if these hackers threatened to release them,” said Mitnick.
Jackie Singh, the founder of Spyglass Security, told Newsweek: “Absolutely, 100 per cent that the DMs could have been compromised. I mean it looks like they [the hackers] had ‘god mode’ with seemingly few limitations and we don’t know how long they had it for.”
Singh told Newsweek: “Attackers were reportedly able to change the email address for some of the accounts. I believe it to be fully within the realm of possibility that specific accounts may have had their direct messages compromised. They clearly had the capability to target certain accounts, as confirmed by the timing of the attack. We saw specific, verified, and high-follower, accounts tweet the scam message first in varying order, then a cascade of other, normal accounts tweet it.”
Singh added: “We don’t yet publicly know how long the attackers had access to Twitter’s systems, and I expect the security teams are still analyzing the data to ensure the threat actors’ movements throughout the business are accounted for and understood.”
However, Singh believes that despite the chaos that hackers could have caused by accessing world leaders’ accounts, financial gain was the main motivation. “It only seems impressive due to level of access. What they chose to do reveals their amateur nature,” Singh told Newsweek. “At one point I thought it could be a distraction for a different, more insidious type of event. But Occam’s razor, I doubt it.”
“The people involved are obviously used to running crypto scams though. They started tumbling money out right away. The specific accounts that were targeted initially seem to point towards cryptocurrency scammers being the ones who perpetrated this,” said Singh.
Sean Wright, an independent security researcher, said that he believes it to be “entirely plausible” that hackers gained access to users’ DM’s. Wright stated: “For me, personally, I think that would be the most sensitive data which they could have potentially had access to. If the attackers get their hands on this they could potentially use [the DM content] to blackmail their victims, and many of these victims are well-off financially.”
Wright added: “However in this case, at least with the information we have at hand, it looks like the attacker’s motivations are financial. It is entirely possible that was merely a distraction, and the attackers were either doing something else, such as siphoning off private data such as DMs, or using this as a means to create reputational damage.”
Breitbart News