Stolen VPN credentials at the heart of the infamous Twitter hack

Twitter dark mode
(Image credit: Shutterstock)

The massive Twitter hack that took place back in July came about due to stolen VPN credentials. It has now been revealed that Twitter employees were tricked into handing over their account details by hackers that had managed to create a site that looked identical to the genuine VPN login page.

The hackers telephoned members of staff claiming to be from the social network’s IT department before asking for the relevant credentials. Such claims were believed because VPN issues were commonplace at the time.

The hack made headlines all over the world, with the accounts of high-profile Twitter users - including Barack Obama and Elon Musk - compromised. Many profiles were used to promote a Bitcoin scam.

Simple but effective

A report by the New York Department of Financial Services (NYDFS) has now shed more light on the breach, which was carried out in a relatively straightforward manner despite the huge technological resources at Twitter’s disposal. The NYDFS decided to look into the hack because several cryptocurrency firms that they regulate were impacted.

“The implications of the Twitter Hack extend far beyond this garden-variety fraud,” the NYDFS report read. “There are well-documented examples of social media being used to manipulate markets and interfere with elections, often with the simple use of a single compromised account or a group of fake accounts. In the hands of a dangerous adversary, the same access obtained by the Hackers – the ability to take control of any Twitter users’ account – could cause even greater harm.”

The hackers' decision to pose as an internal IT team may have proven more effective due to the sheer number of employees who would have been working remotely at the time due to the coronavirus pandemic. If businesses are to encourage more members of staff to work from home, they must first make sure that they have updated security protocols in place to prevent cybercriminals taking advantage of any potential IT issues.

Via SC Magazine

Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things. 

Latest in VPN Privacy & Security
Swiss flag with view of Geneva city, Switzerland
Secure encryption and online anonymity are now at risk in Switzerland – here's what you need to know
Demonstrators protesting against the arrest of the Mayor of Istanbul Ekrem Imamoglu block Atatürk Boulevard on March 22, 2025 in Ankara, Türkiye.
Turkey's social media ban has been lifted, but VPN usage is still high
Shape of Russia filled with Russian flag-colored internet codes on a black hacking background
A new wave of blocks in Russia targets VPN apps and Cloudflare subnets
Digital hand set location on map with two pins. AI technology in GPs, innovation delivery, map location, future transport logistic, route path concept. GPs point. New office location, change address
What does your IP address reveal about you?
A stethoscope next to a laptop on a pink background
How to check if your VPN is working
Teenager playing on a gaming PC with two monitors
Is using a VPN while gaming cheating? 5 myths you shouldn't believe about gaming with a VPN
Latest in News
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
Three angles of the Apple MacBook Air 15-inch M4 laptop above a desk
Apple MacBook Air 15-inch (M4) review roundup – should you buy Apple's new lightweight laptop?
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Amazon Echo Smart Speaker
Amazon is experimenting with renaming Echo speakers to Alexa speakers, and it's about time
Shigeru Miyamoto presents Nintendo Today app
Nintendo Today smartphone app is out now on iOS and Android devices – and here's what it does