Saturday, August 8, 2020
ADVT 
National

Twitter accounts of Joe Biden, billionaires, and companies targeted in an unprecedented social media breach

Darpan News Desk Darpan, 16 Jul, 2020
  • Twitter accounts of Joe Biden, billionaires, and companies targeted in an unprecedented social media breach

High profile individuals such as Joe Biden, Elon Musk, Jeff Bezos and other Twitter account users were targeted in a widespread hack to offer fake bitcoin deals on Wednesday in one of the most unprecedented security breaches on a social media site.

It wasn't Biden, Musk, or Bezos who were targeted,  former US President Barack Obama, Microsoft co-founder Bill Gates, musician Kanye West and both Uber and Apple also posted similar tweets, all asking people to send cryptocurrency to the same bitcoin address.

The tweets were taken down throughout the afternoon, shortly after being posted.Hacks of high-profile individual accounts on Twitter have happened before, including Twitter CEO Jack Dorsey whose account was targeted in 2019 but the widespread nature of this attack suggested an unusually massive operation to internal controls.

While it was not exactly clear how the attacks originated or why they went on for hours together, some cybersecurity experts speculated that someone may have gained access to internal Twitter controls that allowed them to take over and post on the accounts. “This is massive,” said cybersecurity expert Rachel Tobac, the CEO of SocialProof Security. “This is most likely the largest attack I’ve ever seen. We are extremely lucky that these attackers are monetarily motivated and not sowing mass chaos all over the world.”It wasn't Twitter accounts that were targeted but the attack also partially shut down the network.

Twitter said in a tweet on Wednesday afternoon that some users weren’t able to tweet while it was addressing the problem. Users with the check mark indicating that their accounts were verified by Twitter reported that they weren’t able to tweet.Twitter started letting verified accounts tweet again Wednesday night but warned the “functionality may come and go” as it worked on a fix to the breach.

Later the same night, Dorsey tweeted that the company was “diagnosing and will share everything we can when we have a more complete understanding of exactly what happened.” He called it a “tough day” at Twitter. Twitter said in later a tweet that it “detected a coordinated attack by people who successfully targeted some of our employees with access to internal systems and tools.”

Cybersecurity experts warned that this will create major noticeable hurdles for Twitter, and it will make it more challenging moving forward to verify the authenticity of messages on the service. That could have wide-reaching implications for politicians, celebrities and brands that use Twitter as an essential channel for communication. “The problem is that we all rely on Twitter as this public space that is safe and secure, and we know that the tweets that someone like a Joe Biden is sending out are authentic,” said Harper Reed, an entrepreneur who served as the 2012 Obama campaign’s chief technology officer. “Twitter has proven to us that may not be true.” President Trump is an avid user of the platform, frequently tweeting his views to more than 83 million followers. Trump’s Twitter account was taken down for 11 minutes in 2017 by a departing employee for the company.

After the incident, Twitter tweeted that it had “implemented safeguards to prevent this from happening again.”Cybersecurity experts warned that this type of breach, where influential accounts are taken over, could have devastating effects if used for something more dangerous than to take money from unsuspecting users. The consequences could be greater if it involved an account like Trump’s or spread misinformation on some type of global security threat. Disinformation expert Clint Watts compared it to a 2013 incident in which hackers took control of the Associated Press Twitter account and falsely tweeted that the White House was under attack. That caused a brief nose dive  in the stock market that quickly corrected once the hoax was exposed.

If U.S. adversaries gained similar control of a politician’s accounts on Election Day, they could wreak havoc by spreading misinformation about polling locations or phony rumors about voter fraud, he said. “Russia’s most dangerous play is how do you inflict the maximum amount of chaos on Election Day. They want to further erode confidence in democracy, and this is emblematic of a way they can do that,” he said.The hacks Wednesday differ from another high-profile hack last year against Twitter CEO Dorsey, in which his phone number was hacked and used to send tweets via text message.

Some of the people who were hacked indicated that they had turned on two-factor authentication and were using strong passwords, which typically makes unauthorized account access much more difficult. SocialProof Security’s Tobac said one likely scenario could be that hackers gained access to the back end of Twitter’s employee administration panel, which could include access to change account passwords. This could have happened by a hacker stealing an employee’s credentials, especially if an employee didn’t have secure multifactor authentication turned on. Early Wednesday afternoon on the West Coast, Tesla CEO Musk’s account was one of the first to tweet the scam to his nearly 37 million followers. Feeling grateful, doubling all payments sent to my BTC address! You send $1,000, I send back $2,000! Only doing this for the next 30 minutes,” the now-deleted tweet said. His account continued to tweet similar posts as they were deleted. This is a SCAM, DO NOT participate!” Cameron Winklevoss, a bitcoin investor and co-founder of Gemini, wrote of Musk’s tweet.

Gemini’s account was hacked earlier in the day, Winklevoss tweeted, despite the account using two-factor authentication for security. Gates‘s was one of the next high-profile accounts to tweet.Spokeswoman Bridgitt Arnold confirmed that the tweet was not sent by Gates and said Twitter was working to restore his account. Meanwhile, Uber’s corporate account posted a tweet that read, “Due to Covid-19, we are giving back over $10,000,000 in Bitcoin! All payments sent to our address below will be sent back doubled.” Uber confirmed in a tweet that its account had been hacked. “Like many others, our @Uber account was hit by a scammer today.

The tweet has been deleted and we’re working directly with @Twitter to figure out what happened,” the company’s communication team tweeted. Then came a tweet from Amazon CEO and Washington Post owner Bezos’s account. “I have decided to give back to my community.” The tweet said it would be limited to $50 million.Democratic presidential hopeful Biden was also a target of the hack, his campaign confirmed. His account tweeted out the same bitcoin wallet address. Twitter spokeswoman Aly Pavela said earlier in the day that the company was investigating the issue. The company said in a tweet it was “taking steps to fix” the security issue and would provide an update.Representatives for Musk, Bezos and Apple did not immediately respond to requests for comment.

The bitcoin wallet the tweets pointed to appeared to receive more than $115,000. It’s unclear how much of that was driven by the hacked tweets and what may have originated from the scammers.It’s also unclear how much information the hackers were able to cull from the accounts they compromised. If they were able to access the accounts’ direct messages they might have stolen information they could leak later to embarrass people or to sow chaos during the 2020 election or another major event, said Theresa Payton, CEO of the cybersecurity company Fortalice Solutions and a former White House technology official. This is a serious reminder of how important Internet security is, especially leading up to the election, she said. “Today should be a tsunami bell warning for all social media companies,” she said.

MORE National ARTICLES

30 year old South Asian man killed on Monday seen a valued member of the community

30 year old South Asian man killed on Monday seen a valued member of the community

The 30-year-old man who was shot and killed in Vancouver's Punjabi Market on Monday has received kudos from the Vancouver Punjabi Market on their Instagram page.

30 year old South Asian man killed on Monday seen a valued member of the community

Bank of Canada says rates will stay low for a long time.

Bank of Canada says rates will stay low for a long time.

The Bank of Canada left its key interest rate unchanged at 0.25% and says it is likely to remain at that level for at least two years as the economy gradually recovers from the coronavirus pandemic and measures to contain it.

Bank of Canada says rates will stay low for a long time.

Body found after fire in Langley, B.C.: RCMP

Body found after fire in Langley, B.C.: RCMP

Police are investigating after a body was found in a wooded area on the boundary between Langley, B.C., and Surrey on Wednesday morning.

Body found after fire in Langley, B.C.: RCMP

Feds urged to review Alberta coal mine project

Feds urged to review Alberta coal mine project

A lawyer at the centre of a lobbying effort to stop a coal mine from expanding in Alberta says the federal government's refusal to do its own environmental review of the project is the ultimate in "climate hypocrisy."

Feds urged to review Alberta coal mine project

Proposed deal reached in B.C. foster care case

Proposed deal reached in B.C. foster care case

A proposed settlement agreement has been reached in the case of a British Columbia government guardian, who is alleged to have stolen hundreds of thousands of dollars from vulnerable foster children.

Proposed deal reached in B.C. foster care case

Charities awaiting word on $912M program

Charities awaiting word on $912M program

Non-profit groups that wanted to use Canada Student Services Grant to hire volunteers say they have not heard a peep from the federal government since WE Charity walked away from managing the $912-million program almost two weeks ago.

Charities awaiting word on $912M program

PrevNext