Twitter users with verified accounts started to be able to send tweets again at around 8:30 pm EDT, after the company had silenced some of its highest-profile users in response to an hours-long security incident.
Twitter had limited some users' ability to tweet, reset passwords and use other unspecified "account functions" after many of the platform's top accounts were hacked and used to solicit digital currency. the most powerful Twitter accounts in America were all tweeting about Bitcoins on Wednesday afternoon. It was a scam, of course, but one that got a social push from the biggest political and entertainment handles in the United States. Twitter tried to regain control and delete the messages, but some of the handles were posting similar messages even after that.
Among the affected names are former president Barack Obama, presidential hopefuls Joseph R. Biden Jr. and Kanye West, tech stars Bill Gates and Elon Musk, as well as institutional handles like @Apple. As Twitter tried to regain control, verified handles across the world went mute for a while and were unable to tweet.
Around 4 pm Wednesday in the US, many high-profile accounts started tweeting a message saying any bitcoin sent to a link in the tweet will be sent back doubled, an offer the tweet said last just for 30 minutes.
Apple and Uber handles were among the first to be impacted, followed by those of Musk and Gates. In a couple of hours, it had taken over the handles of Obama, Biden, Mike Bloomberg and Amazon founder Jeff Bezos. Around the time handles of boxer Floyd Mayweather and celebrity Kim Kardashian had been affected, Twitter locked most large verified accounts across the US and rest of the world.
However, in the four-odd hours the tweets were live, the Bitcoin wallet promoted in the tweets received over $100,000 via at least 300 transactions.
ALSO READ
SC allows trade in cryptocurrency, quashes RBI curb
How did the Twitter hack happen?
According to Twitter Support, the “coordinated social engineering attack” was executed by people who “successfully targeted some of our employees with access to internal systems and tools”. “We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it,” another tweet said. Twitter said that even as it has limited functionality of the affected accounts, it also restricted access to internal systems and tools.
Clearly, the vulnerability that has been exploited was within the Twitter systems and not on the user side.
What is Twitter saying about the incident?
Twitter’s product lead Kayvon Beykpour tweeted that their “investigation into the security incident is still ongoing”, and promised more updates from @TwitterSupport. “In the meantime, I just wanted to say that I’m really sorry for the disruption and frustration this incident has caused our customers,” he said.
In a series of tweets, @TwitterSupport acknowledged the “security incident” and informed users that they maybe be unable to tweet or reset passwords till the micro-blogging platform reviewed the incident.
About four hours after the first acknowledgment, the handle said: “Most accounts should be able to Tweet again. As we continue working on a fix, this functionality may come and go. We’re working to get things back to normal as quickly as possible.”
Twitter CEO Jack Dorsey called it a tough day for “us at Twitter”. “We all feel terrible this happened. We’re diagnosing and will share everything we can when we have a more complete understanding of exactly what happened,” he tweeted.
Comments
Post a Comment