The financial regulator presented a detailed report on the investigation of the Twitter hack.
The New York Department of Financial Services has released a report on the investigation into the Twitter hack that took place in July this year. According to the report, it took cybercriminals 24 hours to complete the hack.
As the investigation established, the attack began on July 14 and ended the next day, when it became obvious that the accounts of a number of public figures, including politicians and founders of large companies, had been compromised for fraudulent purposes.
The attackers, identified shortly after the incident, used access to the internal Twitter network to change the email addresses and credentials of users of interest and take control of their accounts. In total, the hackers tried to attack 130 accounts, and 45 of them had their passwords changed.
A few weeks after the incident, the Twitter administration reported that during the attack, the attackers contacted company employees by phone and tricked them into providing access to the necessary internal support tools. According to the NYS Department of Financial Services, it took almost a day from the time of the phone call to the hack.
The attack was allegedly carried out by 17-year-old Florida resident Graham Ivan Clark, aka Kirk#5270, 19-year-old Briton Mason John Sheppard, known as Chaewon, and 22-year-old Florida resident Nima Fazeli, also known as Rolex.
On the afternoon of July 14, the attackers called several Twitter employees and, posing as IT employees, reported problems with the VPN (a very common problem, given the number of employees working remotely). They then asked employees to enter their credentials into a form on a phishing page.
The investigation did not find any evidence that the employees deliberately helped the hackers. Using the employees' personal information, the attackers managed to convince them that they were who they claimed to be. While some employees did report a suspicious call to Twitter's internal anti-fraud department, at least one victim fell for the bait.
Although the first victim did not have access to the internal systems of interest to the hackers, they used her credentials to navigate the network and search for employees who had such access. On July 15, the attackers targeted these employees, including those responsible for handling sensitive global legal requests.
Soon after the attackers gained control of Twitter accounts (including the “original gangster” OG accounts), they began discussing selling OG usernames and demonstrating that they had access to Twitter's internal systems.
Cybercriminals then switched to verified accounts to lend credibility to their cryptocurrency scam. Within hours, they attacked the accounts of cryptocurrency trader AngeloBTC, cryptocurrency exchange Binance, and ten other cryptocurrency-related accounts, including Coinbase, Gemini Trust Company, and Square.
A few hours later, the hackers began to post tweets from compromised accounts, including Apple, Uber, Bill Gates, Elon Musk, Kanye West, Floyd Mayweather, Kim Kardashian, etc. As a result, they managed to steal $118 thousand in bitcoin.
The NYS Department of Financial Services found that the incident had compromised the non-public data of some users, and Twitter did not update information about the incident in a timely manner.