Twitter breach that impacted Apple was result of spear phishing attack

Twitter continues to release information about its investigation into a massive security breach that roped a number of high-profile accounts into spamming messages in a bitcoin scam campaign.

Like many security snafus before it, the Twitter fiasco saw certain key employees fall victim to social engineering. According to the microblogging firm, hackers initiated a phone spear phishing attack that involved "significant and concerted" efforts to dupe employees into handing over access to internal administration tools.

"This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems," Twitter said in a tweet Thursday. A second tweet said, "By obtaining employee credentials, they were able to target specific employees who had access to our account support tools."

As noted by previous reports and Twitter, attackers used the internal admin privileges to bypass two-factor authentication protections, changing the email and password credentials of targeted accounts. The attack vector granted full control over multiple profiles.

Twitter today provided additional information about the attack, reiterating a previous statement saying a total of 130 Twitter accounts were targeted in the operation. Tweets were sent out from 45 accounts, including Apple, Elon Musk and Jeff Bezos, while the DM inboxes of 36 were accessed. Hackers further downloaded undisclosed "Twitter Data" from seven accounts, the company said.

In the attack, controlled profiles tweeted out messages asking followers to send bitcoin to a single wallet. The scammers made off with about $100,000.

For Apple, which uses its account solely to launch advertisements and inform followers of upcoming special events, the bitcoin scam was its first public tweet.

Twitter continues to investigate the security breach and has instituted new safeguards in a bid to thwart future attempts.



5 Comments

jungmark 13 Years · 6927 comments

The weakest link to any secure system is the user. 

maestro64 19 Years · 5029 comments

Were the idiots fired? This just shows the level of people who are working the front lines at Twitter. Also this was not vector attached, it was a simple call someone and talk to them, it was not a sophisticated attack on their network and software security.

kidrock2199 10 Years · 143 comments

They made 100k! And that’s just from a tiny percentage of people that actually believe everything they read online. That’s pretty sad. As for the way they got in, again, stupidity. And hackers are taking full advantage of it.

mr lizard 15 Years · 354 comments

Interesting conflict between Twitter’s account of events and reporting undertaken by Vice. According to Vice, their source was directly involved in the hack and claims to have paid a Twitter employee to carry out the necessary profile changes to give the hacker access. 

Either Vice were seriously duped, or Twitter’s account of events is untrue. 

Rayz2016 8 Years · 6957 comments

I’m still not clear how they convinced the employees to hand over the keys.