Twitter logo. (AP Photo/Jeff Chiu)

Twitter racing to unravel mystery cyberattack

Some of the world’s most prominent names had their Twitter accounts post invitations for an apparent Bitcoin scam

As Twitter Inc. grapples with the worst security breach in its 14-year history, it must now uncover whether its employees were victims of sophisticated phishing schemes or if they deliberately allowed hackers to access high-profile accounts.

On Wednesday, some of the world’s most prominent names, including former president Barack Obama and Democratic candidate and his former vice president Joe Biden, along with Bill Gates, Elon Musk and Warren Buffett, had their Twitter accounts post invitations for an apparent Bitcoin scam. Twitter reacted by blocking further posts from all verified accounts on the service and said it had detected “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”

The company’s explanation has ignited speculation over the identity of the perpetrators and what they were actually targeting in the attack. The scale of the endeavor and its timing —months before the November U.S. elections —have given rise among cybersecurity experts to theories that the attack masked a more nefarious campaign to seize sensitive data.

In its investigation of the incident, Twitter will now likely focus on employee logs, email and phone records. At question will be any failures in authentication processes that might have allowed hackers to hijack verified accounts, and also what other information, such as direct messages, might have been compromised in the breach. The Bitcoin wallets promoted in the tweets collected around $120,000 in cryptocurrency.

Twitter shares were down about 6% in pre-market trading on Thursday.

A social engineering attack means “leveraging the human element of security” and there are many different ways to do that, said Rachel Tobac, Chief Executive Officer of San Francisco-based SocialProof Security.

“I can phish someone who has administrative access and try and gain access to their credentials and log into their account,” she said, or the less technical method would be to develop “a relationship with someone who works on those panels and convincing them to do your bidding for you.”

Security awareness at companies like Twitter would be mandatory, but ultimately it’s hard to track insider attacks when it’s the employees rather than the technology who fall under the microscope, Tobac said.

“It used to be the Nigerian prince letter with a bunch of spelling mistakes, and now it’s something that almost looks legitimate, but it always starts with a person,” said Frances Dewing, the CEO of cybersecurity firm Rubica Inc., based in Seattle.

“There’s a playbook for doing this, there are cybercriminal organizations that make millions of dollars. It’s the fastest growing business in the world,” she said.

And there is no accounting for disaffected workers, as Twitter learned in 2017 when an employee deactivated President Donald Trump’s account before it was quickly restored.

Identifying potential Twitter employees to target wouldn’t be difficult for the hackers, given the way most smartphone apps hungrily vacuum up location and other contextual data from users —data which is often then sold on to marketing companies. Anyone frequenting the same coffee shops and businesses or entering and leaving a workplace at particular hours can give away clues about themselves.

Cybersecurity experts can only speculate until Twitter itself reveals what happened and where the failures occurred, but even this kind of show of force —a demonstration by hackers to earn credibility or gain infamy —isn’t convincing them that a Bitcoin scam was all there was to the operation.

With U.S. elections looming, the cyber landscape is ripe for a major attack. Stas Protassov, co-founder and president of global technology firm Acronis said the attack was “too prepared to be just a cryptocurrency scam.”

“We don’t believe that’s all the hackers went into once they got access,” he said in an email. “The attack is too big and too noisy and likely covering a bigger play. We’ve yet to see the full impact of what this was about.”

Tobac also raised the possibility that the attack could have been a distraction while hackers harvested private direct messages and any other confidential data to be able to deploy at a more critical time. So while the initial disruption to Twitter’s service appears to have been patched over and the company is gradually restoring normal operation, the lingering effects of this breach might have much wider effects than Wednesday’s spectacle.

“Maybe they were doing something insidious and this was just a cover up,” she said. “There’s no way for us to know, we can just speculate.”

Whatever happened, Twitter must be completely candid about the cause of attack once it’s established, Tobac said. “This was such a public meltdown that if they’re not completely transparent it would damage their brand further.”

Jamie Tarabay, Bloomberg News

Like us on Facebook and follow us on Twitter.

Want to support local journalism? Make a donation here.

social media

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

RCMP stock photo (Black Press)
Charges laid against Prince George man, 39, in drug trafficking probe

Tyler Aaron Gelowitz is scheduled to appear in court Nov. 18

B.C. doctors encourage patients to reach out for telephone or online care during the COVID-19 pandemic. (Unsplash)
How was your virtual care experience through the Omineca Medical Clinic?

The clinic has an online survey for patients in the region

Blackwater Gold Mine. (File photo)
Artemis Gold plans phased approach for Blackwater Project

Artemis Gold will directly employ up to 580 people during the initial construction period

John Rustad poses for a photograph infront of St. John Hospital in Vanderhoof after he made the announcement of investing in Hospitals in the area. (Aman Parhar/Omineca Express)
Rustad announces St. John Hospital upgrade if BC Liberals are elected

The incumbent BC Liberals MLA for Nechako Lakes made the announcement on Tuesday, Oct. 13.

Lesley Chaisson, Manager, Vanderhoof Chamber of Commerce. (Submitted photo)
“We Are Open Campaign”: Vanderhoof Chamber promoting local businesses

Chamber embarks on multi-faceted approach to promote small business

B.C. Liberal leader Andrew Wilkinson, B.C. NDP leader John Horgan and B.C. Greens leader Sonia Furstenau. (Black Press Media)
VIDEO: One day until B.C. voters go to the polls in snap election defined by pandemic

NDP Leader John Horgan’s decision to call an election comes more than a year ahead of schedule and during a pandemic

100 Mile Conservation officer Joel Kline gingerly holds an injured but very much alive bald eagle after extracting him from a motorist’s minivan. (Photo submitted)
B.C. driver thought he retrieved a dead bald eagle – until it came to life in his backseat

The driver believed the bird to be dead and not unconscious as it turned out to be

Chastity Davis-Alphonse took the time to vote on Oct. 21. B.C’s general Election Day is Saturday, Oct. 24. (Chastity Davis-Alphonse Facebook photo)
B.C. reconciliation advocate encourages Indigenous women to vote in provincial election

Through the power of voice and education Chastity Davis-Alphonse is hopeful for change

White Rock RCMP Staff Sgt. Kale Pauls has released a report on mental health and policing in the city. (File photos)
White Rock’s top cop wants to bill local health authority for lengthy mental-health calls

‘Suggestion’ included in nine-page review calling for ‘robust’ support for healthcare-led response

A Le Chateau retail store is shown in Montreal on Wednesday July 13, 2016. Le Chateau Inc. says it is seeking court protection from creditors under the Companies’ Creditors Arrangement Act to allow it to liquidate its assets and wind down its operations.THE CANADIAN PRESS/Ryan Remiorz
Clothing retailer Le Chateau plans to close its doors, files for CCAA protection

Le Chateau said it intends to remain fully operational as it liquidates its 123 stores

Join Black Press Media and Do Some Good

Pay it Forward program supports local businesses in their community giving

Green party Leader Sonia Furstenau arrives to announce her party’s election platform in New Westminster, B.C., on October 14, 2020. THE CANADIAN PRESS/Jonathan Hayward
B.C. Green party says it’s raised nearly $835,000 in 38 days

NDP Leader John Horgan is holding his final virtual campaign event

U.S. border officers at the Peace Arch crossing arrested two men on California warrants this week. (File photo)
Ottawa predicts system delays, backlogs unless court extends life of refugee pact

Canada and the United States recognize each other as safe places to seek protection

BC Liberal leader Andrew Wilkinson,  BC NDP leader John Horgan and BC Green leader Sonia Furstenau. (File)
B.C. VOTES 2020: Climate change and sustainability promises from the parties

Snap election has led to a short campaign; here’s the lowdown on the platforms

Most Read