07-23-2020, 06:56 AM
DMs of 36 high-profile Twitter accounts accessed in breach
<div style="margin: 5px 5% 10px 5%;"><img src="https://www.sickgaming.net/blog/wp-content/uploads/2020/07/dms-of-36-high-profile-twitter-accounts-accessed-in-breach.jpg" width="800" height="440" title="" alt="" /></div><div><div><img src="https://www.sickgaming.net/blog/wp-content/uploads/2020/07/dms-of-36-high-profile-twitter-accounts-accessed-in-breach.jpg" class="ff-og-image-inserted"></div>
<p>Twitter on Wednesday revealed hackers accessed the direct message inboxes of 36 high-profile accounts in an unprecedented security breach last week. </p>
<div class="col-sm-12">
<p>The microblogging service in <a href="https://twitter.com/TwitterSupport/status/1286088135525318656?s=20">a tweet</a> said it believes DM inboxes of “up to 36” accounts were accessed, including one belonging to an unnamed elected official in the Netherlands. It was the first time a former or current elected official’s DMs were accessed in a hack, the company said. </p>
</div>
<div class="col-sm-12">
<p>Twitter has not disclosed which accounts were impacted in the incident, nor has the company said whose DM inboxes were infiltrated. Account holders affected by the breach have <a href="https://twitter.com/mgsiegler/status/1286125335314960384">been contacted</a>. </p>
</div>
<div class="col-sm-12">
<p>In total, 130 accounts were targeted in the July 15 attack; a scam campaign designed to dupe users into handing over bitcoin. Followers of Apple, Elon Musk, Jeff Bezos and others ultimately handed over more than $100,000 to the as-yet-unidentified hacker or hackers. For Apple, the scam post will go down as its first and so far only tweet. </p>
</div>
<div class="col-sm-12">
<p>DM inbox access was a lingering question in the wake of last week’s security snafu. Successful penetration of the messaging subsystem would not only grant hackers access to chat histories, but also the ability to directly communicate with a user’s contacts under false pretenses.
</p>
</div>
<div class="col-sm-12">
<p>As noted by previous reports and Twitter, a social engineering attack was employed to garner employee credentials, which were then used to access internal administration tools. With admin panel privileges the hackers were able to bypass two-factor authentication protections to change email and password credentials, granting full control over multiple accounts. </p>
</div>
<div class="col-sm-12">
<p>Twitter continues to investigate the security breach and has instituted new safeguards in a bid to thwart future attempts. </p>
</div>
</div>
https://www.sickgaming.net/blog/2020/07/...in-breach/
<div style="margin: 5px 5% 10px 5%;"><img src="https://www.sickgaming.net/blog/wp-content/uploads/2020/07/dms-of-36-high-profile-twitter-accounts-accessed-in-breach.jpg" width="800" height="440" title="" alt="" /></div><div><div><img src="https://www.sickgaming.net/blog/wp-content/uploads/2020/07/dms-of-36-high-profile-twitter-accounts-accessed-in-breach.jpg" class="ff-og-image-inserted"></div>
<p>Twitter on Wednesday revealed hackers accessed the direct message inboxes of 36 high-profile accounts in an unprecedented security breach last week. </p>
<div class="col-sm-12">
<p>The microblogging service in <a href="https://twitter.com/TwitterSupport/status/1286088135525318656?s=20">a tweet</a> said it believes DM inboxes of “up to 36” accounts were accessed, including one belonging to an unnamed elected official in the Netherlands. It was the first time a former or current elected official’s DMs were accessed in a hack, the company said. </p>
</div>
<div class="col-sm-12">
<p>Twitter has not disclosed which accounts were impacted in the incident, nor has the company said whose DM inboxes were infiltrated. Account holders affected by the breach have <a href="https://twitter.com/mgsiegler/status/1286125335314960384">been contacted</a>. </p>
</div>
<div class="col-sm-12">
<p>In total, 130 accounts were targeted in the July 15 attack; a scam campaign designed to dupe users into handing over bitcoin. Followers of Apple, Elon Musk, Jeff Bezos and others ultimately handed over more than $100,000 to the as-yet-unidentified hacker or hackers. For Apple, the scam post will go down as its first and so far only tweet. </p>
</div>
<div class="col-sm-12">
<p>DM inbox access was a lingering question in the wake of last week’s security snafu. Successful penetration of the messaging subsystem would not only grant hackers access to chat histories, but also the ability to directly communicate with a user’s contacts under false pretenses.
</p>
</div>
<div class="col-sm-12">
<p>As noted by previous reports and Twitter, a social engineering attack was employed to garner employee credentials, which were then used to access internal administration tools. With admin panel privileges the hackers were able to bypass two-factor authentication protections to change email and password credentials, granting full control over multiple accounts. </p>
</div>
<div class="col-sm-12">
<p>Twitter continues to investigate the security breach and has instituted new safeguards in a bid to thwart future attempts. </p>
</div>
</div>
https://www.sickgaming.net/blog/2020/07/...in-breach/