
MacRumors

macrumors bot
Original poster
Apr 12, 2001
52,046
13,661


Twitter is continuing to investigate last week's security breach that saw the Twitter accounts of Apple and other high-profile figures and companies hacked by bitcoin scammers, and today the social media company confirmed that hackers accessed the Direct Messages of 36 Twitter accounts.

[Image: apple_bitcoin_hack.jpg]

Twitter previously said that no passwords were stolen in the hack, which was a "coordinated social engineering attack" that targeted Twitter employees. Hackers were able to gain access to employee credentials, using that information to access Twitter's internal systems, including bypassing two-factor authentication protections.


The internal tools were used to target 130 accounts, and for 45 of those accounts, hackers initiated a password reset and had full access to the account to send tweets. For eight of the Twitter accounts, the attackers downloaded account information through the "Your Twitter Data" tool that provides Twitter account details and activity, but none of the eight accounts targeted in this way were verified accounts.

For the 130 accounts that were breached, which included the accounts of Tesla CEO Elon Musk, former U.S. President Barack Obama, former Microsoft CEO Bill Gates, Amazon CEO Jeff Bezos, presidential candidate Joe Biden, and others, hackers were able to see personal information like email addresses and phone numbers, and for some accounts taken over, additional information was available.

Twitter has not provided specific details on which of the 36 accounts saw their DMs breached, but hackers did access the DMs of one elected official in the Netherlands. No other former or current elected official had their DMs accessed.

Twitter is communicating directly with the account holders that were impacted and is further securing its system to prevent future attacks. As part of its efforts to stop something similar from happening again, Twitter is rolling out additional company-wide training to guard against social engineering tactics.

Article Link: Twitter Says Hackers Accessed the Direct Messages of 36 Accounts in Last Week's Breach
 

Populus

macrumors 68000
Aug 24, 2012
1,759
1,793
Valencia, Spain.
Stoked the USA didn't "declare war" during this debacle.
Wow, I hadn't thought about what they (the hackers) could have done if they had accessed certain leader twitter... It gives me the shivers.
I am glad I got rid of Twitter a while back. I am social media free on my devices, except for MacRumors. :D
I did too, 6 years ago (more or less) and I'm glad to be free of all that tension, hate and aggressiveness I sometimes see on Twitter.
 

jchap

macrumors regular
Sep 25, 2009
123
188
"Social engineering" = "hacked by someone inside Twitter, who had the knowledge, ability and motivation to do this." Of course, Twitter implies that the perpetrator was outside of the company, and they seem to be inferring that Twitter's employees were somehow coerced or "socially engineered" into doing this without their knowledge.

No amount of internal training will prevent this kind of result.

Twitter needs to review their protocols that allow employees to access and modify said data in the first place. Someone had full access to a database that should have been carefully restricted only to those who absolutely required access for legal reasons. Did Twitter even go through any internal procedure leading up to the insider gaining said access? Companies that are careful about such things will keep their servers in secure and locked rooms, and meticulously log and monitor all access. They should absolutely know who was in there and which employee accessed their database, unless they are so inept that they have no access logging system.

If the DM database(s) was/were accessible anywhere inside of their corporate network outside of a select few, that is a major problem in and of itself. The fact that Twitter allows this sort of coordinated attack (whether the perpetrator was inside or outside of Twitter's corporate network) to even be possible says something about their security practices.

Ask yourself: do I want to participate in a social network, which is hosted by a company that allows its employees access to my direct messages without just legal cause?
 

entropys

macrumors 6502a
Jan 5, 2007
785
1,267
Brisbane, Australia
Looking at those accounts, they would seem to be managed accounts that have more than one person using the account (you know, media managers, minders etc).
Which might explain why orange man isn’t on the list. He controls his account.
 

Makosuke

macrumors 603
Aug 15, 2001
6,348
618
The Cool Part of CA, USA
It's impressive and extremely lucky that these were small-time and uncreative hackers who apparently hit the social-engineering jackpot--they could have caused a truly disturbing amount of international or financial market chaos but basically just used it on a lame Bitcoin scam and selling a few low-character-count usernames.

Imagine what a well-planned, coordinated action by a state actor, dedicated group of terrorists, clever anarchists, or big-time financial market scammers could have accomplished.

You can be pretty sure that whoever they are, they are reconsidering the success of their scam--there is absolutely no way $100K or so split more than one way is worth the international manhunt that's almost certain to result from this.
 

handle manifest

macrumors member
Aug 16, 2008
47
31
Wow, I hadn't thought about what they (the hackers) could have done if they had accessed certain leader twitter...

Looking at those accounts, they would seem to be managed accounts that have more than one person using the account (you know, media managers, minders etc).
Which might explain why orange man isn’t on the list. He controls his account.

It's been reported that Twitter has employees constantly monitoring DJT's account. EDIT: I'd bet that Elon Musk doesn't share control of his Twitter account, either.

Well, they were probably Russian hackers...

Well...
Who’s Behind Wednesday’s Epic Twitter Hack?
Twitter Hacking for Profit and the LoLs

Ask yourself: do I want to participate in a social network, which is hosted by a company that allows its employees access to my direct messages without just legal cause?

What do you consider just legal cause? If one Twitter user sends a threatening or harassing DM to another Twitter user, and the recipient reports the DM to Twitter, should Twitter tell the recipient to (for example) file a police report in order for Twitter to look at the DM?
 
  • Like
Reactions: Populus

appleguy123

macrumors 604
Apr 1, 2009
6,625
1,047
15 minutes in the future
I find it weird that Twitter employees at any level even have the ability to post new tweets for users and view their private messages. Even if this social engineering attack didn’t happen, giving this ability to some Twitter employees was asking for trouble.
 
  • Like
Reactions: KeithBN

C DM

macrumors Sandy Bridge
Oct 17, 2011
51,388
19,437
Ask yourself: do I want to participate in a social network, which is hosted by a company that allows its employees access to my direct messages without just legal cause?
I find it weird that Twitter employees at any level even have the ability to post new tweets for users and view their private messages. Even if this social engineering attack didn’t happen, giving this ability to some Twitter employees was asking for trouble.
It doesn't appear that that's what happened in this case.
Stoked the USA didn't "declare war" during this debacle.
It would be a rather sad state of affairs all around if something like social media is treated as if it's something official or really carries anymore weight than what it really is.
 

jchap

macrumors regular
Sep 25, 2009
123
188
It would be a rather sad state of affairs all around if something like social media is treated as if it's something official or really carries anymore weight than what it really is.

There are countless administrative and governmental bodies around the world that consider every declaration or bit of information they release on Twitter to be "official."
 
  • Like
Reactions: KeithBN

acorntoy

macrumors 68000
May 25, 2010
1,633
1,691
Wow, I hadn't thought about what they (the hackers) could have done if they had accessed certain leader twitter... It gives me the shivers.

I did too, 6 years ago (more or less) and I'm glad to be free of all that tension, hate and aggressiveness I sometimes see on Twitter.

Yeah, it could have been pretty bad. At the very least they could have massively influenced a stock's price; have some politicians and one company tweet out “Our work is about to be released vaccine created!” (probably would have gotten them more than they actually did), at worst declare nuclear war.
The fact that they just asked for Bitcoin is the strangest mystery in all of this.
It's impressive and extremely lucky that these were small-time and uncreative hackers who apparently hit the social-engineering jackpot--they could have caused a truly disturbing amount of international or financial market chaos but basically just used it on a lame Bitcoin scam and selling a few low-character-count usernames.

Imagine what a well-planned, coordinated action by a state actor, dedicated group of terrorists, clever anarchists, or big-time financial market scammers could have accomplished.

You can be pretty sure that whoever they are, they are reconsidering the success of their scam--there is absolutely no way $100K or so split more than one way is worth the international manhunt that's almost certain to result from this.
 

George Dawes

macrumors 65816
Jul 17, 2014
1,333
1,136
=VH=
There are so many alternatives to Twitter these days, amazed it's still going

TBH I much prefer forums like here to all that stuff, much more interesting here plus there's some very smart posters unlike Twitter which is full of spam and bots
 

acorntoy

macrumors 68000
May 25, 2010
1,633
1,691
Seems like just a way to hopefully quickly make some essentially untraceable money.
It’s the equivalent of somebody breaking into a mansion and only stealing the budget tv in the kitchen. Very sophisticated, complicated and upfront for such a low payoff.
 
  • Like
Reactions: KeithBN

WBRacing

macrumors 65816
Nov 19, 2012
1,368
3,114
UK
Twitter is a cesspool. Mostly chock full of the vocal minority speaking with superiority as if they are the only ones who have the correct opinion.

As I have said before: When I was young I wished I could read people's minds. Thanks to social media, I'm now over that.
 

C DM

macrumors Sandy Bridge
Oct 17, 2011
51,388
19,437
It’s the equivalent of somebody breaking into a mansion and only stealing the budget tv in the kitchen. Very sophisticated, complicated and upfront for such a low payoff.
Well, more like stealing whatever could be stolen quickly and without the ability to be traced vs. something that might take more work to steal, then to fence to make money off of, and then potentially have it still tracked back and connected to them.
 