{"id":29576,"date":"2020-10-02T19:26:21","date_gmt":"2020-10-02T13:56:21","guid":{"rendered":"https:\/\/www.technologyforyou.org\/?p=29576"},"modified":"2020-10-02T19:26:21","modified_gmt":"2020-10-02T13:56:21","slug":"video-bytes-twitter-gets-hacked","status":"publish","type":"post","link":"https:\/\/www.technologyforyou.org\/video-bytes-twitter-gets-hacked\/","title":{"rendered":"Video Bytes: Twitter gets hacked!"},"content":{"rendered":"<p class=\"small\"><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">by <span class=\"vcard author p-author h-card\"><a title=\"Posts by Malwarebytes Labs\" href=\"https:\/\/blog.malwarebytes.com\/author\/malwarebyteslabs\/\" rel=\"author\">Malwarebytes Labs<\/a><\/span><\/span><\/p>\n<div id=\"articleBody\" class=\"post-content entry-content e-content\">\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">Hello dear readers, and welcome to the latest and greatest from VideoBytes: a brand new,\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/videobytes\/2020\/09\/introducing-videobytes\/\" target=\"_blank\" rel=\"noreferrer noopener\">video feature that we announced just yesterday<\/a>.<\/span><\/p>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">On our debut post today, we\u2019re talking to you about the Twitter hack, in which\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/social-engineering\/2020\/07\/coordinated-twitter-attack-rakes-in-100-grand\/\" target=\"_blank\" rel=\"noreferrer noopener\">hackers accessed the Twitter accounts of 130 high profile figures<\/a>, like Barack Obama, Joe Biden and Elon Musk by gaining access to an employee administrative panel.<\/span><\/p>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">Watch on to learn all about it! Or, as our esteemed host always says: Sit back, relax, here come the facts.<\/span><\/p>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">(And a quick note to our readers: For just a couple of days, you may see a YouTube title that doesn\u2019t mention \u201cVideoBytes.\u201d Do not worry, there is nothing wrong with your \u2026 er, television set? That\u2019s us, updating our videos as we move along.)<\/span><\/p>\n<p><span style=\"color: #800000;\"><strong>Video | Twitter gets Hacked<\/strong><\/span><\/p>\n<p><iframe loading=\"lazy\" title=\"Malware Monthly News \u2013 July\/August 2020 (Part 1)\" width=\"696\" height=\"392\" src=\"https:\/\/www.youtube.com\/embed\/wTglFuOuV1w?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen><\/iframe><\/p>\n<h2><strong><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">The Attack<\/span><\/strong><\/h2>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">The hackers called Twitter employees on their phones and tricked them into handing over their passwords. Basically, they used some simple social engineering.\u00a0They accomplished this by\u00a0<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hackers-stole-twitter-employee-credentials-via-phone-phishing\/\" target=\"_blank\" rel=\"noreferrer noopener\">calling a lot of people and eventually obtaining a few passwords for accounts<\/a>\u00a0with fewer accesses.\u00a0 The attackers then worked their way into compromising accounts with more accesses and reset the passwords for 45 of the targeted accounts and logged in.<\/span><\/p>\n<h2><strong><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">The Damage<\/span><\/strong><\/h2>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\"><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/twitter-hackers-read-private-messages-of-36-high-profile-accounts\/\" target=\"_blank\" rel=\"noreferrer noopener\">According to Twitter, 130 total accounts were targeted<\/a>, 45 of them had tweets sent by attackers, 36 accounts had their direct messages accessed and a few accounts had their Twitter data archive downloaded. Yikes.<\/span><\/p>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">The tweets sent by the attackers using the hijacked accounts all pointed to a bitcoin gathering scam. Each tweet claimed that the user was \u201cgiving back\u201d by sending people double the bitcoin they put into a wallet. If that immediately sounds too good to be true, well, it was.<\/span><\/p>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">The cryptocurrency wallet set up by the hackers collected about $120,000 worth of bitcoins. Interestingly enough, it could have been a lot more, but\u00a0<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/coinbase-blocked-twitter-hackers-from-stealing-an-extra-280k\/\" target=\"_blank\" rel=\"noreferrer noopener\">Coinbase, the US-based cryptocurrency exchange, blacklisted the bitcoin<\/a>\u00a0address for the hackers\u2019 wallet.\u00a0The exchange company therefor prevented almost 1000 users from getting scammed and sending bitcoin worth approximately $280,000 over to the hackers. Good work.<\/span><\/p>\n<h2><strong><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">Recovery<\/span><\/strong><\/h2>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">In response to this attack, Twitter blocked all accounts involved from tweeting for 3 hours while they cleaned it up.<\/span><\/p>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\"><a href=\"https:\/\/www.nbcnews.com\/tech\/security\/twitter-breach-exposes-one-tech-s-biggest-threats-its-own-n1234076\" target=\"_blank\" rel=\"noreferrer noopener\">To reduce the chance of it happening again<\/a>, Twitter admins are also significantly limiting employee access to internal systems during the investigation and improving tools to identify unauthorized access to their internal systems.<\/span><\/p>\n<p><strong><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">Finally, Twitter is rolling out company-wide phishing training.<\/span><\/strong><\/p>\n<p><span style=\"font-family: 'trebuchet ms', geneva, sans-serif; font-size: 12pt;\">The administrative tools the hackers gained access to could disable two-factor authentication.\u00a0So, victims had no chance of preventing their accounts from being hijacked.\u00a0 It was an unfortunate, but thankfully not devastating, lesson for the social media company.<\/span><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>by Malwarebytes Labs Hello dear readers, and welcome to the latest and greatest from VideoBytes: a brand new,\u00a0video feature that we announced just yesterday. On our debut post today, we\u2019re talking to you about the Twitter hack, in which\u00a0hackers accessed the Twitter accounts of 130 high profile figures, like Barack Obama, Joe Biden and Elon [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10,17],"tags":[14107],"class_list":{"0":"post-29576","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-cyber-security","7":"category-pics-and-videos","8":"tag-twitter-gets-hacked"},"_links":{"self":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts\/29576","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/comments?post=29576"}],"version-history":[{"count":0,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/posts\/29576\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/media?parent=29576"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/categories?post=29576"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.technologyforyou.org\/wp-json\/wp\/v2\/tags?post=29576"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}