Stolen VPN credentials at the heart of the infamous Twitter hack

News
By published

Hackers posed as internal IT staff

Twitter dark mode
(Image credit: Shutterstock)

The massive Twitter hack that took place back in July came about due to stolen VPN credentials. It has now been revealed that Twitter employees were tricked into handing over their account details by hackers that had managed to create a site that looked identical to the genuine VPN login page.

The hackers telephoned members of staff claiming to be from the social network’s IT department before asking for the relevant credentials. Such claims were believed because VPN issues were commonplace at the time.

The hack made headlines all over the world, with the accounts of high-profile Twitter users - including Barack Obama and Elon Musk - compromised. Many profiles were used to promote a Bitcoin scam.

Simple but effective

A report by the New York Department of Financial Services (NYDFS) has now shed more light on the breach, which was carried out in a relatively straightforward manner despite the huge technological resources at Twitter’s disposal. The NYDFS decided to look into the hack because several cryptocurrency firms that they regulate were impacted.

“The implications of the Twitter Hack extend far beyond this garden-variety fraud,” the NYDFS report read. “There are well-documented examples of social media being used to manipulate markets and interfere with elections, often with the simple use of a single compromised account or a group of fake accounts. In the hands of a dangerous adversary, the same access obtained by the Hackers – the ability to take control of any Twitter users’ account – could cause even greater harm.”

The hackers' decision to pose as an internal IT team may have proven more effective due to the sheer number of employees who would have been working remotely at the time due to the coronavirus pandemic. If businesses are to encourage more members of staff to work from home, they must first make sure that they have updated security protocols in place to prevent cybercriminals taking advantage of any potential IT issues.

Via SC Magazine

Barclay Ballard
Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.