It’s a nice sentiment, especially coming from the upper end of Blue Tick Twitter, but we’d be damned if we thought anything like that would really happen. And damned we were.
In the days following the security breach, it has become apparent that this hack was orchestrated a group of people, rather than one individual, including a Twitter employee: “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools,” Twitter shared in an online statement, tweeted from their support account.
Since, Twitter has blocked access to the accounts known to be affected by the breach. Twitter believes that around 130 accounts were targeted and are working to find out whether any non-public data pertaining to these accounts were accessed.
An investigation by Motherboard found that the hackers were able to convince a Twitter employee to help them. Sources told Motherboard that they had paid off a Twitter insider, who “did all the work for [them]”.
Screenshots obtained by Motherboard show a panel controlling the account of crybrocurrance exchange, Binance, whose Twitter account was hi-jacked. Similar screenshots reportedly showing Twitter administrative tools were circulating, although Twitter suspended accounts sharing these images on the grounds that it went against their guidelines.
The plan is thought to have been hatched on a black market social media handle selling forum called OGUsers. Business Insider was able to obtain screenshots linking the hacking incident with this forum, where one user was selling ‘OG’ accounts for between $2000 and $3000. OG accounts, BI reports, “[are] online usernames that are short, making them potentially desirable”. Just hours before the bitcoin scam went ahead, a number of accounts with handles like ‘@6’ were hacked, too.
Despite the number of high profile accounts being used against their will, President Donald Trump was able to remain out of it. The President of the United States’ account most likely benefits from extra layers of protection, so @TheRealDonaldTrump is still up and running.
Most security experts are grateful that the twitter hack was nothing more than a money-grabbing scheme. Although it’s unclear what the hackers gained access to, we should be hopeful that it didn’t seem to be anything more sinister than theft. As far as we know, that is.