Twitter illustration. - Omar Marques / SOPA Images / Sipa / SIPA
- The Twitter accounts of American personalities, including Bill Gates, Elon Musk, Joe Biden and Barack Obama, were victims of a massive hack used to promote a cryptocurrency scam.
- "What is particularly impressive is the multiplicity of highly visible and widely followed accounts that were affected simultaneously," explains Gérôme Billois, cybersecurity expert at Wavestone.
- The massive hack of Twitter raises the question of social network security in the run-up to the American presidential election.
"It is a difficult day for us." The message posted this Thursday by Jack Dorsey, the boss of Twitter, sums up the situation well. On the night of Wednesday to Thursday, the social network was the victim of one of the biggest hacks in its history. The accounts of personalities such as Barack Obama, Bill Gates, Jeff Bezos and Elon Musk, but also of multinationals such as Apple and Uber, were hijacked. "Happy Wednesday! I am giving bitcoins to all my followers. I will double all payments sent to the bitcoin address below," Internet users could read on the account of Elon Musk, the eccentric boss of Tesla.
"The hackers managed to take control of these accounts, posting a message that encouraged millions of followers to send bitcoins to an address, with the promise of receiving twice as much in return," Gérôme Billois, cybersecurity expert at Wavestone, explains to 20 Minutes. "It was greed that motivated the cybercriminals. The consequences could have been much more serious if the hackers had had political aims," the expert adds. The massive hack of Twitter therefore raises the question of the security of the social network, and more broadly of all platforms, as the American presidential election approaches.
It looks like @JoeBiden & @BarackObama Twitter accounts have been compromised in what appears to be an ongoing hack asking for Bitcoin donations. More on the lengthy list of people targeted today here: https://t.co/AfXfV0dvSQ - Marianna Sotomayor (@MariannaNBCNews) July 15, 2020
A "classic" attack, but "unprecedented" in its scale
"It is a very classic scam that has been circulating on Twitter for a long time, but which is generally carried out one account at a time. What is particularly impressive is the multiplicity of highly visible and widely followed accounts that were affected simultaneously," explains Gérôme Billois. At this scale, the attack is a first. "This is probably one of the biggest hacks in the history of Twitter, and it specifically affected verified accounts [the blue badge that assures users of an account's authenticity]," the cybersecurity expert specifies.
According to the first findings of the investigation launched by Twitter, one or more support employees were targeted by a social engineering attack, which gave the attackers access to internal Twitter tools. "This is not due to a technical failure. They targeted one or more Twitter employees to make sure of reaching the operational accesses that manage verified, and therefore high-profile, accounts, in order to amplify communication around the scam, which is itself rather classic," explains Loïc Guezo, director of cybersecurity strategy at Proofpoint.
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools. - Twitter Support (@TwitterSupport) July 16, 2020
Financially, the scam appears to have been small. According to Blockchain.com, a specialist site that tracks cryptocurrency transactions, a total of 12.58 bitcoins, or nearly 116,000 dollars, was sent to one of the addresses mentioned in the fraudulent tweets. This is what allowed the damage to be contained: the cybercriminals were only after a quick gain, beyond striking the public with the particularly spectacular nature of the operation.
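The scam's footprint in the tweets themselves is mechanical enough to be detected: a promise to double payments, a nudge to send funds, some urgency, and a Bitcoin address that passes the Base58Check test. The Python below is an added example written for this page; it is not code from Twitter or from any of the experts quoted. The sample tweets are constructed, the signal weights and the threshold are assumptions, and only legacy Base58Check addresses (starting with 1 or 3) are validated; bech32 "bc1" addresses are out of scope. The one real address used is the well-known Bitcoin genesis-block address, chosen only because it is public and valid.

```python
import hashlib
import re

# Base58 alphabet used by Bitcoin (no 0, O, I, l).
_B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def is_valid_btc_address(addr: str) -> bool:
    """Base58Check validation of a legacy P2PKH ('1...') or P2SH ('3...') address.

    Decodes the string as a big-endian base-58 number, restores the leading
    zero bytes encoded by leading '1's, and checks that the last 4 bytes equal
    the first 4 bytes of SHA256(SHA256(version || hash160)).
    """
    if not addr or addr[0] not in "13" or not 26 <= len(addr) <= 35:
        return False
    num = 0
    for ch in addr:
        idx = _B58.find(ch)
        if idx < 0:  # character outside the alphabet (e.g. '0', 'O', 'l')
            return False
        num = num * 58 + idx
    leading = len(addr) - len(addr.lstrip("1"))  # each leading '1' is one 0x00 byte
    body = num.to_bytes((num.bit_length() + 7) // 8, "big") if num else b""
    raw = b"\x00" * leading + body
    if len(raw) != 25:  # 1 version byte + 20-byte hash + 4-byte checksum
        return False
    payload, checksum = raw[:21], raw[21:]
    expected = hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    return checksum == expected


# Candidate legacy addresses; each candidate is then Base58Check-validated.
_ADDR_RE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")


def find_addresses(text: str) -> list[str]:
    """Return every Base58Check-valid legacy address appearing in the text."""
    return [m for m in _ADDR_RE.findall(text) if is_valid_btc_address(m)]


# Lexical signals of the "send X, get 2X back" giveaway scam. Weights are assumptions.
_SIGNALS = [
    ("doubling promise", re.compile(r"\b(double[ds]?|doubling|2x)\b", re.I), 2),
    ("asks to send funds", re.compile(r"\b(send|sent)\b", re.I), 1),
    ("mentions bitcoin", re.compile(r"\b(bitcoin|btc)\b", re.I), 1),
    ("giveaway framing", re.compile(r"\b(giving back|giveaway|give away)\b", re.I), 1),
    ("urgency", re.compile(r"(\b\d+\s*minutes?\b|\bhurry\b|\bonly for\b|\blimited time\b)", re.I), 1),
]
SCAM_THRESHOLD = 5  # assumption for this example


def score_tweet(text: str) -> tuple[int, list[str]]:
    """Sum the matching signal weights; a valid address adds 2 on its own."""
    score, reasons = 0, []
    for name, pattern, weight in _SIGNALS:
        if pattern.search(text):
            score += weight
            reasons.append(name)
    addrs = find_addresses(text)
    if addrs:
        score += 2
        reasons.append(f"valid bitcoin address: {addrs[0]}")
    return score, reasons


def is_scam(text: str) -> bool:
    return score_tweet(text)[0] >= SCAM_THRESHOLD


# Constructed sample tweets for this example (not real tweets from the incident).
SAMPLE_TWEETS = [
    "Happy Wednesday! I am giving back to my community. All bitcoin sent to the address "
    "below will be sent back doubled! 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa Only for the next 30 minutes.",
    "Bitcoin price hit a new high today, interesting times for the markets.",
    "Donations for the animal shelter welcome at 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa, thank you all.",
]


def triage(tweets=SAMPLE_TWEETS) -> list[tuple[bool, int, list[str]]]:
    """Classify each tweet: (is_scam, score, reasons)."""
    return [(is_scam(t), *score_tweet(t)) for t in tweets]


if __name__ == "__main__":
    for tweet, (flag, score, reasons) in zip(SAMPLE_TWEETS, triage()):
        label = "SCAM  " if flag else "benign"
        print(f"{label} score={score} {reasons}\n    {tweet[:70]}...")
```

Only the first sample crosses the threshold: it combines a doubling promise, a request to send, giveaway framing, a deadline and a checksum-valid address. The third sample carries the same address but none of the scam language, which is why address validation alone is a weak signal and the address is weighted as one clue among several rather than as the verdict.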
"In any event, there will inevitably be political consequences for the degree of trust placed in Twitter, a few weeks before the American elections, especially when we know that it is the preferred social network of the American president," explains Gérôme Billois. The takeover of leading verified accounts, and the ability to tweet from them at chosen moments, indeed raises the question of the weight of social platforms during electoral periods. "Twitter will therefore have to be very transparent in the coming months and prove its good faith by correcting these flaws," warn most cybersecurity experts.
Things are going to get seriously heated for Twitter today: a hack of internal tools that led to the compromise of many accounts! This one is about Bitcoin, but did they have access to private messages? We too often forget the weak point that administrators and support staff represent. https://t.co/2jTXQ5m0ZQ - Gerome Billois (@gbillois) July 16, 2020
Can there be other hacks?
"The flaw used to gain internal access to Twitter has not yet been closed. It will take at least a few days for Twitter to fix it thoroughly and block certain accesses," explains Gérôme Billois, who nevertheless acknowledges that "there is very little chance of a resurgence of the attack in the coming days, especially given the temporary security measures put in place by the platform."
The good news is that Twitter has been very responsive. "They obviously have significant investigative capabilities. They played the transparency card, communicating regularly," notes the French Information Security Club (Clusif). "It seems that the social network has taken measures to prevent such incidents from happening again, by making tools such as the one probably used in this attack less accessible," adds Lotem Finkelstein, cybersecurity manager at Check Point, a provider of information systems security.
How to protect yourself?
A few simple rules generally make it possible to avoid having a personal account hacked: do not open attachments that look suspicious in an email, never hand over your credentials, even when an email appearing to come from the service asks for them, and enable two-factor authentication. In this case, however, the users' own accounts were not phished: the attackers went through Twitter's internal tools, which no setting on the user's side could have blocked. "We advise all users to check and verify as much as possible. You have to do more research on the account before giving money, because the rule is not 'it's too good, so it's probably true' but 'don't be too impulsive when you click'," explains Benoît Grunemwald, cybersecurity expert at Eset.
Be that as it may, this case is a reminder that "behind the machines there are humans, who can have access to our private messages and to the information we leave there. You always have to treat everything posted on social networks with caution," underlines Gérôme Billois. "These systems are not closed; everything we exchange in them can be accessible. This is something of the tip of the iceberg."
Twitter victim of massive hacking, accounts of Joe Biden, Barack Obama and Elon Musk affected