Twitter says ‘spear phishing attack’ was the cause of its huge bitcoin scam

It seems the hackers targeted employees to get the credentials needed to access Twitter's internal systems

Twitter logo on a phone

Twitter has provided another update to its unprecedented July 15th attack, which let hackers tweet from the accounts of many high profile users, like Barack Obama, Kanye West and Apple.

According to its blog post and a series of tweets that the company published Thursday evening, a few employees were targeted in a “phone spear-phishing attack.” Twitter doesn’t exactly say what that means, but The Verge suggests that it indicates hackers called Twitter employees posing as colleagues or members of the company’s security team and got them to reveal the credentials needed to access internal systems.

Additionally, Twitter provided some numbers about the attack. “Using the credentials of employees with access to these tools, the attackers targeted 130 Twitter accounts, ultimately Tweeting from 45, accessing the DM inbox of 36, and downloading the Twitter Data of 7.”

On July 15th, Twitter experienced a massive hack affecting high-profile accounts like Barack Obama, Elon Musk, Joe Biden, Kanye West, Bill Gates, Apple and more. Hackers gained access to and tweeted from these accounts. The tweet asked users to send them Bitcoin with the promise of returning double the amount.

In an attempt to stop the attack, Twitter prevented verified accounts from tweeting for a bit more than an hour.

The FBI has launched an investigation into the attack.

Source: Twitter, Via: The Verge


  • Dean Daley

    Dean is a graduate from Durham College's journalism program. He loves all sorts of Android devices and video games.