Houston Sipes

1596897780

Twitter: Epic Account Hack Caused by Mobile Spearphishing Scam

Hackers “mislead certain employees” to gain access to internal tools to take over high-profile accounts and push out a Bitcoin scam.

A mobile spearphishing attack targeting “a small number of employees” is what led to the unprecedented, major attack earlier in the month on high-profile Twitter accounts to push out a Bitcoin scam.

The company posted an update late Thursday on the situation, which has been unfolding since July 15, when 130 accounts of high-profile users such as Bill Gates, Elon Musk, Apple and Uber each were hijacked at the same time to promote a bogus advance-fee cryptocurrency deal.

“This attack relied on a significant and concerted attempt to mislead certain employees, and exploit human vulnerabilities, to gain access to our internal systems,” the company said in its update. “This was a striking reminder of how important each person on our team is in protecting our service.”

On the day of the attack, Twitter revealed that the accounts fell victim to a compromise of the company’s internal systems by a group of unidentified hackers that managed to access Twitter company tools and secure employee privileges. Until Thursday, Twitter had not yet confirmed exactly how attackers got access to those internal tools, a point that the company has now clarified.

The attack required threat actors to obtain access to Twitter’s internal network via specific employee credentials, the company said Thursday.

Since not all of the employees that were initially targeted had permissions to use the account management tools key to the attack, the attackers used a two-step approach to hack their way in, according to Twitter. First they used the initial credentials they phished to access some of Twitter’s internal systems and learn information about company processes, according to the post.

“This knowledge then enabled them to target additional employees who did have access to our account-support tools,” the company said. “Using the credentials of employees with access to these tools, the attackers targeted 130 Twitter accounts, ultimately tweeting from 45, accessing the [direct messages (DM)] inbox of 36, and downloading the Twitter Data of seven.”

An elected official in the Netherlands was one of those whose DMs (direct messages) were leaked; however, attackers did not access data for any of the former U.S. elected officials whose accounts were breached, the company said.

Once it was aware of the attack, Twitter immediately locked down thousands of verified accounts belonging to elite Twitter users and high-profile companies to try to prevent hackers from perpetrating the scam. The attack involved sending tweets from each of the hijacked accounts to promote a bogus Bitcoin deal, which promised to double the value of Bitcoin currency sent to one specific wallet.

Twitter acknowledged Thursday that there has been “concern following this incident around our tools and levels of employee access,” and said that it’s taking steps and updating its account tools to make them more “sophisticated” to prevent such a breach in the future.

Those steps include significantly limiting access to internal tools and systems to ensure ongoing account security while the company completes its investigation. This unfortunately will result in some disruption of user account service, including limiting access to the Twitter Data download feature and other processes, Twitter acknowledged.

“We will be slower to respond to account support needs, reported tweets and applications to our developer platform,” the company said in the update. “We’re sorry for any delays this causes, but we believe it’s a necessary precaution as we make durable changes to our processes and tooling as a result of this incident.”

The company continues to investigate the attack and work with “appropriate authorities” to identify those responsible. In the meantime, there continues to be widespread speculation and reported evidence about who may be behind the hack, but no solid conclusions.

Some of the strongest evidence about the potential perpetrators was published in a number of reports pointing to the sale of Twitter account access by hackers obsessed with so-called “OG handles,” which are short-character profile names that confer a measure of status and wealth in certain online communities.

Another plausible theory also emerged around screenshots of Twitter’s internal tools that appeared on underground forums ahead of the attacks due to a bribe of a lone rogue Twitter employee, but Twitter later refuted this claim.

The FBI is said to be taking the lead in the investigation due to the massive privacy, legislative and business ramifications of the incident.

#breach #hacks #mobile security #web security #apple #bill gates #bitcoin #data leak #direct messages #elected officials #elon musk #employee credentials #hackers #joe biden #mobile #social engineering #spear phishing #spearphishing #the netherlands #twitter #uber

Houston Sipes

1596882720

Twitter: Hackers Accessed Private Messages for Elite Accounts

A Dutch elected official is among those whose DMs were hijacked, the company said.

Hackers accessed direct messages (DMs) for 36 of the 130 high-profile users whose accounts were hacked in an unprecedented account breach last week, Twitter confirmed Wednesday.

An elected official in the Netherlands was one of those whose DMs were compromised, the company tweeted in an update late Wednesday, as part of Twitter’s interest in sharing “more specifics about what the attackers did with the accounts they accessed.”

At this time, it appears that the Dutch official was the only government official (previous or current – Joe Biden and Barack Obama were also part of the original hack) whose private messages suffered that fate, the company said.

“To date, we have no indication that any other former or current elected official had their DMs accessed,” Twitter added.

The company also tweeted a clarification of a previous update on the hack, in which it said hackers downloaded an archive of “Your Twitter Data” from eight of the 130 accounts, adding that none of these were verified accounts. Twitter previously said that for the “vast majority” of compromised accounts, the unknown attackers were unable to access this private account information.

Twitter continues to “actively” work to contact account holders with updates as the situation unfolds, the company said. Indeed, more than a week later, the social media giant continues to scramble to piece together what led to the epic hijacking of accounts that it first revealed on July 15, as it learns more information about what actually happened.

On that day, the company said that Twitter accounts of elite users such as Bill Gates, Elon Musk, Apple and Uber were all hijacked at the same time to push a cryptocurrency scam.

Twitter immediately locked down thousands of verified accounts belonging to high-profile Twitter users and high-profile companies to try to prevent hackers from perpetrating the scam, which involved sending tweets from each of the hijacked accounts to promote a bogus advance-fee cryptocurrency deal, promising to double the value of Bitcoin currency sent to one specific wallet.

Eventually, Twitter revealed that there was a compromise of the company’s internal systems by a group of unidentified hackers; they managed to gain access to Twitter company tools and secured employee privileges to mount a widespread social-engineering attack.

At the time, one security researcher called the incident “100-percent unprecedented”: “We have never seen such a large and simultaneous number of Twitter accounts hijacked at the same time,” Satnam Narang, staff research engineer at Tenable, told Threatpost.

Since then there has been widespread speculation and reported evidence about who may be behind the hack, but no solid conclusions.

Some of the strongest evidence about the potential perpetrators was published in a number of reports pointing to the sale of Twitter account access by hackers obsessed with so-called “OG handles,” which are short-character profile names that confer a measure of status and wealth in certain online communities.

Another plausible theory also emerged that screenshots of Twitter’s internal tools appeared on underground forums ahead of the attacks due to a bribe of a lone rogue Twitter employee, but Twitter later refuted this claim.

At this time the FBI is said to be taking the lead in the investigation due to the massive privacy, legislative and business ramifications of the incident.

In the wake of the DM revelations, Fight for the Future has launched a new effort calling for the company to implement default end-to-end encryption on DMs.

“Given that Twitter is especially popular with journalists and activists speaking out against repressive governments, we think it’s fair to say that DMs leaking en masse could put people’s lives at risk,” a Fight for the Future spokesperson told Threatpost. “iMessage, WhatsApp, Signal, and heck, even Facebook offer end-to-end encryption. Twitter needs to follow suit ASAP.”

#breach #cloud security #hacks #web security #account compromise #apple #bill gates #cryptocurrency scam #cyberattack #data leak #direct messages #dms #elected officials #elon musk #hack #hackers #joe biden #the netherlands #twitter #uber

My Mobile Phone Got Hacked and Here Is How You Can Protect Yourself

Disclaimer

Some of my friends were saying that my mobile phone wasn’t hacked and that I am doing a prank. So before you read my hacking story, I want to give you a disclaimer that it’s not a prank or fake story, and everything you will read is based on my real-life experience. If you think it’s fake then you can happily close the window. But there are some tips mentioned in this story which you must read because they could protect your device from this kind of hacking.

Muzamil Shahbaz mobile phone got hacked

First Attack

If you think only celebrities get a hacking attack then change your mind because the victim can be anyone. So in February 2019, I started a blog with the name GeekDirector. Surprisingly, I consider it my first startup with no social media presence. But anyhow, I was the only one who was writing blogs on it, and unfortunately, I was able to write only four articles. After six months, I opened my blog and it was approved with Google Adsense. I was very happy because the earnings on it had started.

After some days, my Google Account was hacked and the hacker deleted my blog and Adsense account. It was a very depressing situation for me. Fortunately, I downloaded the backup file of my blog in my system but my earnings were gone. I was not able to recover my Adsense account because Google has a policy that you can’t create more than one Adsense account. However, I was contacting Google for the recovery but all in vain. In the meantime, I started a new startup, a digital marketing agency, with some people. But it was not giving me pleasure.

#hacker #hacking #mobile #mobile-hacking #mobile app

Ron Cartwright

1603526400

Researcher: I Hacked Trump’s Twitter by Guessing Password

Dutch ethical hacker Victor Gevers claims it only took five attempts to guess the password to President Donald Trump’s Twitter account — “maga2020!”.

That’s all he needed to hijack the @realdonaldtrump handle, according to a report from Dutch newspaper de Volkskrant, because it lacked even the most basic two-factor authentication (2FA), exposing major flaws in the digital security surrounding the President.

While Threatpost has not been able to independently verify the veracity of Gevers’ claim of the Oct. 16 hack of Trump’s Twitter, several professionals have analyzed screenshots and vouch for their authenticity, according to Dutch magazine Vrij Nederland, which added that Gevers works for the Dutch government by day and runs the ethical hacking GDI Foundation in his spare time — and so is well regarded within the country’s security community.

Twitter Safety & 2FA

Twitter, however, said it is dubious about the report.

“We’ve seen no evidence to corroborate this claim, including from the article published in the Netherlands today,” a Twitter spokesperson said in a statement responding to Threatpost’s inquiries. “We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government.”

An announcement on Sept. 17 from Twitter Safety said the company was sending in-app notifications “requiring” or “strongly recommending” enhanced security measures, including a requirement for a strong password, to members of government and journalists in the run-up to the election.

The policy goes on to “strongly encourage” these accounts enable 2FA but does not say it’s a requirement.

2FA requires users to have a one-time generated code, sent by email or text, which needs to be entered to log in. This keeps bad actors from accessing the account even if they have the username and password.

Duty to Report

Gevers said that after he successfully hacked the president’s Twitter account he went to great lengths to report the vulnerability, sending emails, screenshots and social-media messages to various U.S. government entities through Twitter, Parler and other platforms, de Volkskrant reported. Days later, he found the 2FA to be in place and two days after that, he received a friendly email from the Secret Service thanking him.

While that didn’t do much to explain how it came to be that Trump didn’t have basic protections on his Twitter account, Gevers speculated to de Volkskrant that it has something to do with his age, adding, “…elderly people often switch off two-step verification because they find it too complicated.”

This isn’t the first time Gevers was reportedly able to commandeer the infamous Twitter handle. In 2016, he was part of a group of self-described “grumpy old hackers” who accessed Trump’s Twitter account by guessing the password “yourefired,” Vrij Nederland reported. The group tried to alert team Trump that, “he had his digital fly open,” with no response at the time, Vrij Nederland added.

Gevers told de Volkskrant that it was recent headlines about presidential candidate Joe Biden’s son, Hunter Biden, being hacked that inspired him to start spot-checking accounts for U.S. political figures.

“Doing spot checks, that’s my work: Look for any leaks in security,” he said. When he got to Trump’s account, he tried a few variations, expecting to get locked out after the fourth failed attempt; instead, he hit the jackpot on try number five, according to de Volkskrant.

Gevers’ reaction, according to Vrij Nederland? “Not again!”

Election & Data Security

This report comes at a time when U.S. law-enforcement officials warn Russia and Iran are actively engaging in election interference through hacked voter-registration information.

Cybercriminals are “going after the minds of the American people and their trust in the democratic institutions that we use to select our leaders,” Matt Olney, director of Talos’ Threat Intelligence and Interdiction at Cisco, told Threatpost this week.

The good news is that the public is getting smarter about information security.

“Everybody has a role in election security,” Olney explained. “And that includes the election community who have gone at that problem aggressively over the last four years; [and] the public, which has largely adopted a more skeptical eye towards information as it comes out, for better or worse.”

#breach #hacks #web security #2fa #dutch researcher #hack #password #trump #trump hack #twitter #two factor authentication #victor gevers #weak password