THELOGICALINDIAN - An investigation by the New York State Department of Financial Services has revealed how the massive Twitter hack in July happened. A total of 130 high-profile celebrity accounts were compromised and many were used to tweet about a bitcoin giveaway scam.
How Twitter Was Hacked
The New York State Department of Financial Services (NYDFS) released its Twitter investigation report last week. It explains how the massive Twitter hack on July 15 happened, resulting in many high-profile accounts being accessed and used to tweet about a bitcoin giveaway scam.
A NYSE-listed technology company with a market cap of $40 billion, Twitter has more than 330 million total monthly active users and over 186 million daily active users, including over 36 million (20%) in the U.S., the NYDFS detailed.
The hack began on July 14 when one or more hackers called several Twitter employees, claiming to be calling from the IT department’s help desk about Twitter’s VPN, which a number of employees reported having problems with. “Employees had frequent problems with the VPN access to the network,” the report details.
Twitter’s VPN problem ballooned when the company moved to remote working in March due to the Covid-19 outbreak, which put a strain on the company’s technology infrastructure, resulting in frequent VPN problems. “The hackers took advantage of these issues and pretended to be calling from Twitter’s IT department about a VPN problem,” the NYDFS stated, elaborating:
The hackers directed the employees to a phishing website that looked identical to the legitimate Twitter VPN website and was hosted by a similarly named domain. “As the employee entered their credentials into the phishing website, the hackers would simultaneously enter the information into the real Twitter website. This false log-in generated an MFA notification requesting that the employees authenticate themselves, which some of the employees did,” the NYDFS explained. “While some employees reported the calls to Twitter’s internal fraud monitoring team, at least one employee believed the hackers’ lies.”
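The phishing site described above relied on a domain named much like the real VPN site. As an added example (not from the NYDFS report or this article), the Python below flags hostnames seen in DNS or proxy logs that imitate a protected brand label through embedding, digit substitution or small typos. The brand `examplecorp` and every hostname are constructed placeholders, and the two-edit threshold is an assumption to tune.

```python
import re

# Constructed placeholders: the protected organisation and its real hostnames.
BRAND = "examplecorp"
LEGIT_SUFFIX = ".examplecorp.com"
LEGIT_EXACT = {"examplecorp.com"}
# Digits commonly swapped in for letters (0->o, 1->l, 3->e, 4->a, 5->s, 7->t).
CONFUSABLE = str.maketrans("013457", "oleast")

def edit_distance(a, b):
    """Levenshtein distance using a two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(hostname, max_typos=2):
    """Return 'legitimate', 'lookalike' or 'unrelated' for one hostname."""
    host = hostname.lower().rstrip(".")
    if host in LEGIT_EXACT or host.endswith(LEGIT_SUFFIX):
        return "legitimate"
    # Every label except the TLD, split on hyphens, so that both
    # "examplecorp-vpn.com" and "examplecorp.com.portal.net" expose the brand.
    tokens = [t for label in host.split(".")[:-1] for t in re.split(r"[-_]", label) if t]
    for token in tokens:
        folded = token.translate(CONFUSABLE)
        if BRAND in folded:
            return "lookalike"          # brand embedded in a foreign domain
        if edit_distance(folded, BRAND) <= max_typos:
            return "lookalike"          # typo-squat of the brand label
    return "unrelated"

def triage(hostnames):
    """Hostnames worth an analyst's attention, in input order."""
    return [h for h in hostnames if classify(h) == "lookalike"]

# Constructed sample of hostnames, e.g. from DNS or web-proxy logs.
SAMPLE = [
    "vpn.examplecorp.com",
    "examplecorp-vpn.com",
    "examp1ecorp.com",
    "exampelcorp.net",
    "login.examplecorp.com.helpdesk-portal.net",
    "weather.example.org",
]

if __name__ == "__main__":
    for name in triage(SAMPLE):
        print("review:", name)
```

A domain match only narrows the search; the relayed log-in itself still passes push-based MFA, so flagged hostnames are best paired with review of the VPN authentications that followed.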
The report details that Twitter maintains “internal account management tools” to manage a range of user account issues, which the hackers gained access to. A number of authorized Twitter employees have a username and password to access these internal account management tools. According to the report:
During its investigation, the NYDFS conducted a survey and learned that 15 cryptocurrency companies blocked transfers to the hackers’ addresses posted on Twitter, and seven did not. Four crypto companies actively blocked their users’ attempts to send BTC to the hackers’ bitcoin addresses. In particular, the NYDFS found: