Twitter is busy investigating the huge hack that took place on its platform early Thursday.
In a series of updates, the microblogging platform on Friday revealed that it had no evidence that attackers accessed passwords and consequently did not consider resetting passwords essential. The Twitter team supporting the investigation also found that around 130 accounts were targeted by the attackers in the incident. As a consequence of the attack, Google has dropped the prominent Twitter carousel from its search results. The San Francisco division of the Federal Bureau of Investigation is also reportedly leading an inquiry into the Twitter hack.
- A number of prominent, verified Twitter accounts were hacked early Thursday in a widespread Bitcoin scam. The official accounts of former US President Barack Obama, Microsoft co-founder Bill Gates, Amazon CEO Jeff Bezos, Tesla CEO Elon Musk, and media tycoon Mike Bloomberg, along with brands like Apple and Uber, were amongst those affected by the hack. All these accounts sent out tweets asking people to donate money in Bitcoin.
- The hack came after a coordinated social engineering attack was targeted at some of Twitter's employees by a third-party group. The company stated that the social engineering attack helped attackers gain access to its internal systems and tools. “We know they used this access to take control of many highly-visible (including verified) accounts and tweet on their behalf,” it added.
- Twitter said on Friday that it didn’t find any evidence that the attackers accessed passwords. “Currently, we don’t believe resetting your password is essential,” the company said in a tweet posted through the Twitter Support account. The company also noted that it had locked any accounts that had tried to change their passwords in the past 30 days.
- Further, as part of additional security measures, some users have been restricted from resetting their account passwords. “Apart from accounts that are still locked, people ought to be able to reset their password now,” Twitter mentioned in a tweet. In addition, it said that a locked account did not automatically mean that the account was compromised.
- In another update, Twitter said that approximately 130 accounts were targeted by the attackers as part of the incident. “For a small subset of these accounts, the attackers could acquire control of the accounts and then send tweets from these accounts,” the firm said. It has also started working with impacted account users and is “continuing to assess” whether any non-public data associated with those accounts was leaked. What’s more, the ability to get users’ Twitter data was disabled while the investigation is ongoing.
- Since the investigation is still going on at Twitter's end, the specific impact of the attack is yet to be revealed. The company said that it had been taking “aggressive steps” to secure its systems while investigating the hack. “We are in the process of assessing longer-term measures that we can take and will discuss more details when we can,” it said in a tweet.
- Meanwhile, Google has removed the prominent Twitter carousel from its search results. The carousel, which has been part of Google Search since May 2015, showed tweets in search results to help people find relevant answers on the microblogging network. However, the search giant has decided to remove it not just for the accounts that were hacked but also for many Twitter accounts. In a statement to Search Engine Roundtable, Google said, “We can confirm we have temporarily removed the Twitter carousel from Search after Twitter’s safety issues. Before restoring the feature we will conduct a careful review.” The temporary change is very likely to have a massive impact on the engagement Twitter receives from Google Search.
- While Twitter is still investigating the incident and is yet to name the attackers behind the historic hack, well-known security researcher Brian Krebs suggested that the hijacking might have been carried out by a 21-year-old SIM swapper from England. Krebs explained that after digging into a forum dedicated to account hijacking, he found some references indicating that the infamous SIM swapper, who goes by the pseudonym PlugWalkJoe, hijacked a few of the forum users that had access to Twitter’s internal tools. Named as Joseph Connor, the SIM swapper has been under investigation for attacking accounts of actors, the researcher stated.
- Separately, the San Francisco division of the FBI is leading an inquiry into the Twitter hack, and several lawmakers in the United States have raised concerns. US Representative Jim Jordan also echoed a similar concern and stated he remained locked out of his Twitter accounts as of Thursday afternoon.
- Reuters also reported, citing people familiar with the development, that Twitter had stepped up its search for a chief information security officer (CISO) before the hack took place on Thursday. The company, however, didn’t provide any clarity on whether it is bolstering its security team.