from our blog

Blue Ticked Twitter Accounts Hacked

Posted by Simranjeet Singh

News & Updates, security, security threat

Elon Musk and Twitter have an odd, long but fruitful relationship. We have witnessed this time and again. In the unexpected events, Elon Musk’s Twitter got hacked and requested donations in cryptocurrency saying that he will send $2000 back for every $1000 he receives in donations. The Bitcoin wallet address was mentioned in the tweet as well.

 

The hackers didn’t stop at Elon Musk’s account only. The list of people whose Twitter account for hacked include celebrities, tech giants, and political figures such as Barack Obama, Jeff Bezos, Joe Biden, Bill Gates, Kim Kardashian, Mike Bloomberg, Uber, Apple, and Kanye West to name a few. Shockingly, this happened to all the verified Twitter accounts.

 

twitter-hackimage source

 

In totality, 130 Twitter accounts were hacked out of which the hackers successfully managed to change the passwords of the 45 accounts, and were able to download 8 full profiles using the “Your Twitter Data” tool. Direct Messages of nearly 45 accounts were also accessed including the DM of the Netherland’s elected official, Joe Biden, and former President Barak Obama.

 

Hackers accessing Direct Messages put the privacy and security of the users at risk. The private information shared on the platform can be misused by the hacker for ransom money. The high-profile users will now think twice before sharing the private information in the direct messages. Twitter, the election commission, and the candidates will now be on the guard during the next elections. One tweet can change the whole dynamics of the country.

 

bezos-hackimage source

 

This also means that the losing party can blame the election winners that they manipulated the digital platforms to shift the people’s interest in their favor. Such allegations are inevitable.

 

In a blog post by Twitter, they accepted and apologized for the situation. They stated “We're embarrassed, we're disappointed, and more than anything, we're sorry. We know that we must work to regain your trust, and we will support all efforts to bring the perpetrators to justice.”

 

The leak took place when one of the hackers allegedly portrayed to be a Twitter employee from a different department and asked for the credentials for the Twitter accounts from another team member online. The hacker said that he needs the credentials to access the customer service portal.

 

The attack took place in July 2020. This attack puts questions about Twitter’s capabilities on handling the platform in the sensitive times of elections. The current and previous attacks had the backdrop of financial incentives, but imagine what would happen if this happens during the elections. We can’t think that the hackers don’t have the potential to disrupt the next coming elections.

 

In the immediate actions to stop the spread of the hack, Twitter blocked the accounts within minutes of the breach, deleted the tweets tweeted by the hackers, blocked users from posting a Bitcoin wallet address in the tweet. It also blocked many blue ticked accounts to tweet anything. Password reset requests were also denied in case any hacker had sent that request. Some other profile functions were also disabled until they checked that everything is right and ready to start again. The hackers by mistake, revealed their identity and hints of their real names that helped the law enforcement to track them. The accused came out to be a 17-year old boy from Florida who executed the attack with the help of two friends.

 

It is speculated that the hacking was achieved by the ‘sim swapping’ technique and done under the name of the hi-jacking group called ‘OG’ – Original Gangsters. In the sim swapping technique, the hackers reach to the mobile phones of the employees of the social media companies or any other companies and make them provide the information of people’s account or anyone who they want to target.

 

The total bitcoin collected in this hack by the hackers was around $180,000. The account usernames that hackers stole were being sold by them to other users who were looking for a unique Twitter handle name. The scale at which this attack was executed was one of the major hacking attacks on Twitter to date.

 

In the more recent events, Indian Prime Minister, Narendra Modi’s personal website’s Twitter account got hacked. Here as well, the hackers requested for cryptocurrency donations for the COVID relief fund.

 

When the July major attack on twitter accounts happened, Indian authorities did send a notice to Twitter to find whether any Indian accounts got compromised or not. There was no sign of this back then.

 

The tweet posted by the hackers on Narendra Modi’s Twitter account read “I appeal to you all to donate generously to PM National Relief Fund for COVID-19. Now India begins with cryptocurrency. Kindly donate bitcoins to (bitcoin wallet address).” The tweet was posted at 3:15 AM. However, the tweet was deleted by delegated cybersecurity personnel and the account was restored within an hour of the breach.

 

When you become part of the digital ecosystem, you are vulnerable to such threats. Even the Giants like HubSpot and GoDaddy can be hacked.

 

GoDaddy got hacked in a few months back risking 28000 GoDaddy accounts and even more number of websites. GoDaddy came to know about the breach after months. Then they took action to improve the security and minimize the risk of such attack again. There are also actions that individual users need to take to keep their account more secure. That reduces the risk of a hacker attack. 

 

High-security password and two-way authentication were already there and the accounts still got hacked. This is a lesson for the other social media platforms now that they must come up with more security layers to protect the interest of the users on their respective platforms. Twitter has a bigger responsibility. It hosts official handles of political personalities, tech giants, celebrities, and other figures. Any tweet or post posted by them sometimes becomes national news. One tweet can disrupt the entire shares market. The weight of a tweet can’t be ignored and that makes it vulnerable too.

Simranjeet Singh

Written by Simranjeet Singh

Writer | HubSpot Certified Inbound Marketer and Content Marketer