Twitter has identified that their recent hack was a result of phone spear phishing. Hackers caused chaos after temporarily gaining access to internal tools.

The Scope

A Thursday morning blog post update from Twitter informed the public about the recent hack that saw high-profile user accounts compromised with run-of-the-mill Bitcoin scams.

According to the release, “spear phishing” attacks took advantage of “human vulnerabilities” to fool employees of the social media giant.

The update comes two weeks after the hack affected major influencers on the platform including Elon Musk and Bill Gates.

Advertisement
Continue reading below

What Is Spear Phishing?

Previously, Twitter had identified the method by which credentials were compromised as a “coordinated engineering attack.” The hackers gained access to the account info of Twitter employees, some of whom had access to internal tools and thus the ability to post on users’ accounts.

Standard phishing involves hackers who present themselves as legitimate services like banks. They request users to login, reset a password, or sign into a website. Often, the user will be taken to the true site after the information is stolen, and therefore be completely unaware.

Spear phishing is a little more personal, according to security firm Kaspersky:

Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business.

Unlike traditional phishing that may send out bulk e-mails hoping to snag a few vulnerable users, spear phishing requires research into a specific target. In other words, the attack was not a lucky break, but a time-consuming and researched attack designed to gain the account details of specific Twitter staff.

Conspiracy Theories

Upon access, the hackers claimed to offer higher amounts of free crypto in return for sending smaller amounts to certain addresses (for charity, of course). Needless to say, those who fell for it received nothing back.

Other more sinister motivations have been suggested.

With less than $200,000 stolen, the attack may have been designed to humiliate Twitter. Bestselling author Don Winslow suggested it was merely a test run. He believes the hack was connected to manipulation surrounding the U.S. election.

Others speculate that it may have been some actor trying to cast cryptocurrencies in a bad light.

The attack, though thorough, might not have been all that well coordinated. The New York Times claims to have spoken with several hackers involved in the attack. The smaller actors reportedly interacted with a hacker known as “Kirk” who set up the Bitcoin wallets associated with the debacle.

These middle-men claimed to be 19-20-year-olds living in the UK and USA, The Times said. Kirk approached one of them, originally claiming to work for Twitter, offering to sell account details. A hacker that spoke with The Times claims he did not infiltrate any of the high-profile Twitter accounts.

Twitter has reportedly since restricted the ability of any user to post strings of numbers and letters, possibly as a way to prevent the posting of wallet addresses.

The company’s share price briefly dipped following the attack, but soon recovered. Critics argue that the media may, once again, be exaggerating the impact of such a hack. Phishing attacks reveal a problem that may never be solved by technology: human error.