Twitter hacking: for a mere handful of bitcoins?

What to do when you can tweet in place of Elon Musk, Bill Gates, Barack Obama, Warren Buffet, Apple or even Kim Kardashian? Apparently ask for bitcoins! The unprecedented massive hacking of Twitter on Wednesday, July 15, allowed the cybercriminal (s) behind the operation to collect nearly $ 120,000 in bitcoins, paid by Internet users who really thought that the predecessor of Donald Trump or the founder of Microsoft offered them a golden deal… 

The Bitcoin tweet hack in real time 😮 pic.twitter.com/lQqkJIJHcU

It is a lot, and a little at a time. The sum is substantial considering the fact "that at this stage, one might have thought that people would be aware that one should not give money in response to a simple message on a social network. This hacking underlines, more than ever, that we cannot fully trust what is written on Twitter, even when it comes to certified accounts ", notes Gérôme Billois, cybersecurity expert at Wavestone, contacted by France 24.

Bait for gain or "false track"?

But a few bitcoins also appear like very little booty for someone who, for several hours, could incarnate on Twitter some of the most powerful or influential personalities of this world. He had the power "to cause panic among the population or on the financial markets", specifies Gérôme Billois. A tweet from the Apple account on the cessation of iPhone production or several alarmist messages posted simultaneously from the profiles of personalities followed by tens of millions of people could have had far more serious consequences.

"The most likely scenario is that he is a relatively gifted hacker who discovered a flaw in the Twitter system and was quick to take advantage of it before being discovered," said Gérôme Billois. 

Another hypothesis, which is not to be excluded according to this cybersecurity expert, is that this bitcoin scam would only be a "false lead". "It would be a bit like with the NotPetya virus [in 2017, Editor's note] which appeared as a ransomware intended to attack computers at random in the world, when in reality, the real target was very precise," recalls Gérôme Billois. The CIA concluded in 2018 that it was a Russian cyber attack aimed specifically at destabilizing the Ukrainian financial system.

In the Twitter hacking case, the few bitcoins harvested could have simply been used to divert attention. "It is still too early to say what it is about. To me, it's like the pilot of a new TV series," said Felix Salomon, a journalist specializing in cybersecurity on the news site, on Twitter. Axios. 

A phone number, private messages, a thousand possibilities

Because embodying these illustrious Internet users on Twitter does not only offer the possibility of posting messages. To commit their crime, cybercriminals have taken control of a moderator account on Twitter, which allows them, at a minimum, to post, close accounts, and have access to the information provided, such as the telephone number ", lists Gérôme Billois. It is also very likely that it is possible, as a moderator, to view private messages, notes the New York Times.

This opens up a wide range of possibilities for a cybercriminal. With the phone number, he can "carry out a very fashionable type of scam in the United States, which is called sim swapping," notes the French expert. It is, for a criminal to convince the telephone operator of his victim that the sim card has been "lost" and that it is now necessary to associate the number with the sim card of the cybercriminal. The latter can then use their phone to confirm by SMS the reset of passwords for a whole series of accounts, such as email, Instagram or LinkedIn. This is how Jack Dorsey, the boss of Twitter, had his own account hacked on the microblogging platform in 2019.

Private messages can, in turn, provide elements likely to interest the first blackmailer to come. Celebrities who are victims of this hacking, like Kanye West or Kim Kardashian, could very well be ready to pay dearly so that their private conversations on Twitter do not end up in the public square. These exchanges can also be used to put pressure on a politician, like Joe Biden, or a businessman, like Elon Musk. 

Risk for international security?

If that were the case, Wednesday's operation would no longer be piracy for purely lucrative purposes, but rather a "larger operation of influence", extrapolates Gérôme Billois. For the moment, there is nothing to confirm that the cybercriminal (s) had anything else in mind than the greed. However, the success of the attack proved that it was possible to gain access to the secret Twitter gardens of some of the most powerful users of the social network. 

One way to limit the risks would be to make it "impossible from a single moderator account to pose as so many prominent personalities", suggests Gérôme Billois.

Still, this case poses "a potential international security problem," said Casey Newton, an IT security specialist for The Verge. Twitter has increasingly established itself, in recent years, as a diplomatic channel among others, used by the world's leaders, whether it is US President Donald Trump, Iranian Ayatollah Ali Khamenei or the young guard of Chinese diplomats.

Public opinion is used to seeing international relations evolve through tweets. But the hacking of the platform has demonstrated its fragility. A big blow in terms of image for Twitter. If Barack Obama can no longer tweet securely, and Internet users can no longer be sure that the messages are authentic, the social network loses part of its raison d'être.

The France 24 week summary invites you to come back to the news that marked the week

Take international news everywhere with you! Download the France 24 app