Skip to main content

Twitter says passwords were not compromised in hijacking, DM security unclear

Avatar for Filipe Espósito  | Jul 16 2020 - 2:10 pm PT
0 Comments

Multiple Twitter accounts were compromised yesterday as part of a cryptocurrency scam, including the official Apple profile, Elon Musk, Bill Gates, Barack Obama, and other high-profile accounts. While Twitter claims there’s no evidence that passwords were stolen, a new report says the account hijacking was planned with the help of a company employee.

Hackers posted tweets on the affected accounts asking followers to send Bitcoin to an unknown account. “All Bitcoin sent to our address below will be sent back to you doubled,” said the message. The action lasted about an hour until Twitter locked verified accounts, which were the main target of the invaders.

According to a report from Motherboard, hackers paid a Twitter employee to gain access to accounts through an internal control panel of the social network.

This tool allows Twitter employees to change personal data for each account, such as the associated email address. Thanks to this control panel, the invaders were able to change the email addresses of specific accounts in order to gain access to them.

Twitter later confirmed that some of its employees had collaborated with the attack.

However, the company denies that any passwords have been leaked, arguing that users don’t need to change their passwords to keep the account safe. There’s no word on whether hackers have also obtained access to DMs from Twitter accounts, since private messages aren’t encrypted. Jack Dorsey, CEO of Twitter, promised end-to-end encrypted DMs in 2018, but that hasn’t been implemented yet.

Twitter told TechCrunch that affected people and companies will soon regain access to their accounts. Over $100,000 were transferred to the cryptocurrency wallet during the account hijacking, and now the FBI is investigating the case.

The company is yet to give more information about the incident as potential security breaches are still being investigated. Twitter stocks (TWTR) have fallen nearly 4% since yesterday’s attack, closing today at $35.20.

Add 9to5Mac to your Google News feed. 

FTC: We use income earning auto affiliate links. More.

iPhone SE case- Griffin Survivor
You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Check out 9to5Mac on YouTube for more Apple news:

Comments

Guides

Twitter

Twitter

Twitter is a social networking site that was cre…

Author

Avatar for Filipe Espósito Filipe Espósito

Filipe Espósito is a Brazilian tech Journalist who started covering Apple news on iHelp BR with some exclusive scoops — including the reveal of the new Apple Watch Series 5 models in titanium and ceramic. He joined 9to5Mac to share even more tech news around the world.