- Wednesday’s Twitter hack was caused by an employee selling access to the control panel, according to Motherboard
- The scammers paid the employee to be able to take over the accounts of several high profile individuals and companies
- The scammers only got away with ₿13
Wednesday’s Twitter hack that saw the accounts of high-profile figures and companies taken over and used for a Bitcoin scam was possible because scammers paid an employee to hand over access. According to screenshots and direct quotes from sources obtained by Motherboard, the accounts of the likes of Joe Biden, Elon Musk, Bill Gates, and Binance were taken over using an internal tool used by Twitter, access to which was granted by an employee who the scammers paid for access. The Twitter hack generated ₿13 for the scammers, but the results could have caused chaos on a much larger scale.
Access Sold Rather Than Stolen
In the hours following the Twitter hack, the company initially claimed that a “coordinated social engineering attack” had allowed the scammers to gain access to a key control panel that gave them the ability to manipulate the accounts. However, Motherboard journalist Jason Keobler spoke to the hackers on the day of the attack and seems to have come up with a different version of events:
we have new details about today’s Twitter hack. Spoke to one of the people involved in hack, they say a Twitter employee gave access. Sent screenshot of tool being used to hijack @binance https://t.co/2emeiH7gs1
— Jason Koebler (@jason_koebler) July 16, 2020
With regard to how the scammers gained the access, Koebler states that rather than the scammers manipulating their way into the employee giving them access, instead they paid the employee:
we spoke to two hackers and we were able to independently verify they were in control of hijacked accounts today. One of them said they paid the Twitter employee to help them take over accounts; not sure on the specifics here at the moment
— Jason Koebler (@jason_koebler) July 16, 2020
Koebler verified the voracity of the scammers’ claims by posting screenshots they had sent him of them using the internal tools they were allegedly sold access to in order to carry out the Twitter hack. The screenshots seem to undermine the claims from Twitter that access was forced rather than given, and paints a rather concerning picture of how easy it is for bad actors to take over the personal mouthpieces of the rich and powerful.
Twitter Hack Exposes the Issues With the Medium
Letters have already been sent to Twitter from American politicians asking the company to explain how the Twitter hack happened and what will be done to prevent a future one. In many ways the world got lucky with the fact that the hackers were only Bitcoin scammers – the next time they might be much worse.
