On July 15, something happened on Twitter that the company would never be able to forget. Without any warning, the accounts of high-profile individuals were hacked. Twitter was the victim of a huge cyberattack. The news was big since the affected accounts included those of Elon Musk, Jeff Bezos, Kanye West, Barack Obama, Bill Gates, Kim Kardashian and even accounts of companies like Apple, Uber, and Cash App. The hack was used to send out scam links that asked individuals to send bitcoin to a specific cryptocurrency wallet with the promise of doubling that money.
The situation was brought under control very quickly, but the question still remains. How could the security of such a big company be compromised so easily? Even as Twitter was busy investigating the cause, Vice established contact with a bunch of individuals who claimed to be a part of the scam. They even produced screenshots as proof that they were indeed responsible for the scam. On that fateful day, they had managed to gain access to a Twitter administrative tool, also known as an “agent tool” that allowed them to change various account-level settings of some of the compromised accounts, including confirmation emails for the account.
This basically meant that they could control which email ID the password reset link went to. These hackers have told the website that they paid insiders at Twitter to get access to the administrative tool. TechCrunch reported along similar lines, saying that some of the scam messages had come from a member of a hacking forum called “OGUsers.” These individuals have claimed to have made more than US$100,000 from the Twitter scam.
The website has said that a member who goes by the name “Kirk” had gained access to the Twitter administrative tool through a compromised employee account. So there seems to be some degree of employee screw-up involved here, which makes sense since big companies are investing so much in cybersecurity these days. The latest publication to have come out with its investigations is The New York Times, which spoke to similar persons involved with the events.
Owing to the ongoing pandemic, Twitter employees have been working from home, and as a result, a lot of their internal communication is being carried out through Slack. Although Slack itself is secure, the hackers were apparently able to gain access to a Twitter employees’ Slack communications channel somehow. The information and authorization processes for accessing the company’s servers remotely from home had been pinned in that channel.
It seems the only thing unclear now is how the Slack credentials of that one employee were grabbed by the hackers. The story of this event has been that of shock and awe. How certain individuals managed to gain access to the admin tools of as big a website as Twitter is truly baffling. Twitter is still in the middle of its investigations into the matter and has hence also delayed the release of a new API for the time being.