You can’t just say you didn’t see this coming.
Whatever Twitter actually comes to say about the July 15th, 2020 incident, when it experienced the most catastrophic security failure in the company’s history, it must be said that the incidents were set in motion years ago.
According to TheVerge – “Starting in the spring of 2018, scammers started to impersonate Elon Musk as a prominent enthusiast of the crypto-currency. They ‘d take his profile picture, choose a user name close to his, and tweet a deal that was promising despite being too fake: send him a little cryptocurrency and he’ll send you a lot back. The fraudster will often respond to a linked, checking account, such as the Musk-owned Space X, which gives it extra credibility. Also, hackers would amplify the fake post through bot networks, for the very same reason. “
The events of 2018 showed three things for us. Two, at least a few people fall for the scam every time — probably enough to encourage further efforts. Two, the answer Twitter gave to the threat was slow, which persisted even after the company’s initial comments that it took the situation seriously. Four, major companies and Twitter accounts of celebrities have been compromised in one of the site’s most comprehensive and confounding attacks ever seen, all in the name of promoting a bitcoin scheme that appears to make quite a bit of cash from its creator.
We don’t know how that happened, or how it could have breached Twitter’s systems. The hack has seemed to have subsided but regularly new scam tweets were published to verified accounts beginning immediately after 4 PM ET and running over two hours. Twitter accepted the situation after over an hour of silence, writing on its support website at 5:45 PM ET, “We are aware of a security breach involving Twitter accounts. We are investigating and taking action to fix it.
The hacked accounts included former President Barack Obama, Jeff Bezos Amazon CEO, Joe Biden, Bill Gates, Uber, and Apple Corporate Accounts and the pop star, Kanye West.
They came in later that day. Every single account is the one to be breached? Needless to mention, Elon Musk.
During the first hours of the threat, people were tricked into sending out more over $118,000 to the hackers, according to TheNewsDaily.com.au. It also looks very likely that a small number of sensitive direct messages could have been accessed by attackers. Yet the speed and scale at which the attack happened are of much greater significance — and the fundamental concerns it raises regarding national security.
The first and most critical question to be asked is who did this, or how? And even at press time, we do not know about it. At Vice, one of the greatest security reporters, Joseph Cox, reported that anonymous hacker group leaders are sharing screenshots that show someone has connections to an internal Twitter tool used to track their account. Cox wrote this:
Two sources near or within the anonymous hacker community started sending screenshots of an internal panel that Twitter staff claims to use to interact with Motherboard with user profiles. One origin said the Twitter panel has also been used to modify ownership of some so-called OG profiles— accounts that have a handle composed of just one or two people— as well as to advertise tweeting of the cryptocurrency fraud of high profile accounts.
Twitter has deleted screenshots from the panel and banned users who tweeted the images, claiming the tweets violate its rules.