Twitter hackers used “phone spear phishing” in mass account takeover
This month’s epic breach targeted multiple employees, Twitter says. …
The hackers behind this month’s epic Twitter breach targeted a small number of employees through a “phone spear phishing attack,” the social media site said on Thursday night. When the pilfered employee credentials failed to give access to account support tools, the hackers targeted additional workers who had the permissions needed to access the tools.
“This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” Twitter officials wrote in a post. “This was a striking reminder of how important each person on our team is in protecting our service. We take that responsibility seriously and everyone at Twitter is committed to keeping your information safe.”
Thursday’s update also disclosed that the hackers downloaded personal data from seven of the accounts, but didn’t say which ones.
The post was the latest update in the investigation into the July 15 hack that hijacked accounts belonging to some of the world’s best-known celebrities, politicians, and executives and caused them to tweet links to Bitcoin scams. A small sampling of the account holders included Vice President Joe Biden, philanthropist and former Microsoft founder, CEO, and Chairman Bill Gates, Tesla founder Elon Musk, and pop star Kanye West.
It took hours for Twitter to return control of the accounts to their rightful owners. In some cases, the hackers regained control of accounts even after they had been recovered, resulting in a tug-of-war between the intruders and company employees.
Hours after containing the