Social media company Twitter confirmed on Friday that the latest hacking incident of its platform had targeted 130 accounts in the unprecedented attack.
The company added that “for a small subset of these accounts, the attackers were able to gain control of the accounts and then send Tweets from those accounts”.
Passwords of the accounts have not been accessed by the hackers, Twitter has assured the count holders, said reports. However no such assurance was provided by the social media company with respect to other private information such as the contents of direct messages.
“We are continuing to assess whether non-public data related to these accounts was compromised, and will provide updates if we determine that occurred,” Twitter said.
Suggestions of a link of the hacking to a small group of hackers who had attempted to monetize their access, on earlier occasions, by stealing and selling accounts that had valuable or desirable usernames such as single characters or first names, were available to Twitter from the evidence made available to the company through posts shortly before the attack. Currently the company is conducting investigations.
These accounts, known as “OG” – or “original gangsters” – accounts, are commonly the target of hacking attempts. It was as far back as 2018, phone numbers were being hijacked by hackers so that they could then break the two-factor authentication on OG accounts on Twitter and Instagram with usernames such as @t or @sex.
Access to any Twitter handle for $2,500 to $3,000 was offered in a post on one forum dedicated to hacking OG accounts shortly before the widespread attack. The post also offered to reset the email for individual account for just $250.
The modus operandi for achieving the above is similar to the technique described by one OG account-holder, called the security researcher Lucky225, who controlled the account @6, which had been owned by deceased hacker Adrian Lamo. The details of an attack on @6 were described by Lucky in a detailed account posted on Thursday. It said that the attack involved resetting of the email address that is associated with the account first, and then disabling the two-factor authentication that is used by users to protect it.
“It appears that having Twitter admin access doesn’t allow you, by itself, to just unilaterally breach any account you want,” Lucky wrote. “It does give Twitter employees tools to help people who they legitimately believe have been locked out of their Twitter account.”
Connection of the @6 attack to another similar hack, that of the account @b, was made by Brian Krebs, an independent security reporter. In that case, pictures that shoed the internal control panel that the hackers had used to hack into and take control of the account were tweeted by the person.
“There are strong indications that this attack was perpetrated by individuals who’ve traditionally specialized in hijacking social media accounts via ‘SIM swapping’, an increasingly rampant form of crime that involves bribing, hacking or coercing employees at mobile phone and social media companies into providing access to a target’s account,” Krebs concluded.
According to reports, the latest Twitter hack has also caught the attention of the FBI and the agency is now investigating the case.
“We are aware of today’s security incident involving several Twitter accounts belonging to high-profile individuals. The accounts appear to have been compromised in order to perpetuate cryptocurrency fraud,” the bureau said in a statement.
(Adapted from TheGuardian.com)