What do we know about the Twitter scam and the Bitcoins? It seems that behind it is 'the stung' among some young hackers

Last week, Twitter suffered what many are already calling the biggest hack in its history, a cybersecurity breach that allowed it to take temporary control of the accounts of prominent figures such as Barack Obama, Joe Biden, Jeff Bezos, and Elon Musk. What do we know about this cyber attack?

First of all, it was a Bitcoin scam in which the perpetrator(s) asked to deposit an amount of these crypto-currencies and the person who did so would receive double the amount of dollars in his account. They managed to defraud more than 100,000 euros - although according to The Verge the exchange platform Coinbase says it stopped more than $280,000 in BTC transactions.

As confirmed by the social network itself, this occurred over a total of 130 accounts, of which 45 were accessed: "We know that they accessed tools that are only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, log into the account and send Tweets".

The platform also shared that "For up to eight of the Twitter accounts involved, attackers took the additional step of downloading the account information through our 'Your Twitter Details' tool. We are communicating directly with any account owner where we know this to be true.

This means that they were able to access direct messages from victims, as well as lists of followers, followers, and much more information related to the account. Due to the turmoil that this statement generated, they clarified that "none of the eight were verified accounts.

As for how the hacking occurred, Twitter said it believed the hackers attacked its employees using social engineering. The FBI and the New York State Department of Financial Services are investigating.

Meanwhile, The New York Times says it has spoken to several of the people involved and that it all began "with a taunting message between two hackers on Tuesday night on the Discord online messaging platform," one of whom "showed he could take control of valuable Twitter addresses, the kind of thing that would require internal access to the company's computer network.

The international newspaper says the cyberattack "was not the work of a single country like Russia or a sophisticated group of hackers. It was done "by a group of young people, one of whom says he lives at home with his mother, who met because of their obsession with having early or unusual screen names, particularly a letter or number, like 'and' or '6.

The media verified that all four people were connected to the 'hack' by matching their social network accounts and crypto-currencies to the accounts involved in the attack. They also presented corroborating evidence of their involvement, such as records of their conversations on Discord and Twitter.

Motherboard reported that the hackers convinced a Twitter employee to help them log into the accounts. "We used a representative who literally did all the work for us," one of the sources said.

Twitter says it's embarrassing

"At this time, we believe the attackers targeted certain Twitter employees through a social engineering scheme. What does this mean? In this context, social engineering is the intentional manipulation of people to perform certain actions and divulge confidential information," the platform says in its blog.

It adds that "attackers successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems, including access to our two-factor protections.

He apologizes: "We are embarrassed, disappointed, and most of all, we are sorry," he concludes.

Posted Using LeoFinance