The Twitter attack may have been perpetrated by Joseph James Connor, a 21-year-old English SIM swapper linked to a group that hijacked @jack's account last year
Twitter was thrown into chaos on Wednesday after accounts for some of the world's most recognizable public figures …
Krebs on Security Brian Krebs
Related Coverage
- After This Week's Hack, It Is Past Time for Twitter to End-to-End Encrypt Direct Messages Electronic Frontier Foundation
- The Problem With Banning TikTok OneZero
- Q&A with Facebook's chief diversity officer Maxine Williams, who discusses Facebook's latest diversity report and says it is going to hire a VP of civil rights The Verge
- Twitter Restricts Sharing of Bitcoin (BTC) and Crypto Wallet Addresses After Wide-Scale Hack The Daily Hodl
- Twitter says attackers downloaded data from up to eight non-verified accounts The Irish Times
- Security News This Week: Who Pulled Off the Twitter Hack? Wired
- The Twitter Hacks Have to Stop The Atlantic
- Twitter: ‘An Update on Our Security Incident’ Daring Fireball
- Twitter Attack Was Work of Young Hacker Pals: NYT SecurityWeek
- The importance of the Twitter hack should not be missed TechnoLlama
- Twitter Struggles to Unpack a Hack Within Its Walls New York Times
- Hackers Convinced Twitter Employee to Help Them Hijack Accounts Michael Tsai
- Twitter automatically flags more than half of all tweets that violate its rules Fast Company
- Report: Twitter hackers were amateurs, not state-backed Axios
- SPACs as a Call Option on Hype The Diff
- Before hack tore through Twitter, online forum offered accounts for sale Reuters
- Twitter's hack reveals glaring security concerns around DMs The Daily Dot
- 21-Year-Old Linked to Massive Twitter Hack Newser
- Twitter Hack Update: What We Know (and What We Don't) Threatpost
- Twitter Hack Draws Reactions from Congress and the FBI InsideBitcoins.com
- Senator asks Twitter about claim worker was paid to help with hack Reuters
- Twitter is Dead to Me - What Really Happened This Week Security Boulevard
- 6 times Twitter's security was breached Decrypt
- Wednesday's Hack Shows that The Whole World Is in Your Twitter DMs Nextgov
- Why Twitter is a prime target for hackers CNN
- Twitter Hack - Security Researcher Points to Notorious Sim Swap Fraudsters Crowdfund Insider
- Twitter Releases New Details About Recent Hack of High-Profile Accounts Security Boulevard
- Xbox gets closer to Netflix for gaming with xCloud joining Game Pass, and more Android Authority
- Twitter hack fallout: Investigators on trail of cyber criminals ComputerWeekly.com
- The FBI Is Investigating the Twitter Attack That Hijacked Accounts to Promote a BTC Scam CryptoGlobe
- Twitter hack is another wake-up call about security ahead of the election CNET
- A hacker forum obsessed with super-short ‘OG’ … Business Insider
- Is this the hacker behind the huge Twitter breach? The Daily Dot
- Twitter hack: Suspect identified; why Trump's account wasn't hacked; more 9to5Mac
- Twitter Hack Of Kardashian, Obama And 130+ Other A-Listers Invites FBI Probe PYMNTS.com
- The Morning After: Sub-$700 gaming laptops and a $10,000 12K camera Engadget
- Twitter hack exploded the popularity of Bitcoin on social media CryptoSlate
- What really happened with the Twitter hack? The 6 biggest theories CyberNews
- Twitter Hackers Gained Access to Accounts Using Internal Tool MacRumors
- Twitter Hackers who Targeted High-Profile Accounts Received $121,000 in Bitcoin Coinspeaker
- Twitter Says Hackers Targeted Just 130 People in Cyber-Attack Bloomberg
- Twitter's massive hack could be even worse than it seems CNN
- 130 Twitter accounts were targeted by hackers in the grand Bitcoin scam The Next Web
- 130 high-profile Twitter accounts targeted in hacking attack The Guardian
- FBI joins Twitter hacker hunt after prominent accounts hijacked Al Jazeera
- Following the Twitter attack, Google says it temporarily prevented Twitter carousel boxes from displaying in Search results Search Engine Land
- Twitter hack exposes a huge new internal Security hole It's a Gadget
- Twitter blames social engineering for hack as a possible suspect is named SiliconANGLE
- Who's Behind Wednesday's Epic Twitter Hack? Slashdot
- Twitter hack reportedly originated with posts on a gray market forum Engadget
- The Twitter attack may have been executed by a 21-year-old SIM swapper, researcher says Input
Discussion
-
@eff
@eff
on x
It's a no-brainer that Twitter should protect your direct messages, and they have been unencrypted for far too long. https://www.eff.org/...
-
@twittersupport
@twittersupport
on x
We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
-
@somebadideas
Aaron Stewart-Ahn
on x
In this version it really does look like one of the hacks of the century was by a bunch of bros who wasted it all on clout & bitcoin https://twitter.com/...
-
@anthony
Anthony DeRosa
on x
Good technical analysis of the Twitter hack: It seems that attackers were able to use the portal access to update the email address on file for the account, revoke any 2FA settings, and then do a password reset to gain access to the account. https://medium.com/...
-
@eamonjavers
Eamon Javers
on x
The critical failure in the most damaging attacks against the United States has been of imagination. In '01 and '16, we didn't anticipate that airplanes could be suicide missiles, or Facebook posts could manipulate democracy. These were zero-day attacks of social engineering. htt…
-
@eamonjavers
Eamon Javers
on x
This is interesting disclosure from Twitter, because it implies that although the attackers had access to “internal systems and tools” they weren't able to get into every account they targeted. 2 Q's: who else were they after, and: Why couldn't they get in? https://twitter.com/..…
-
@donie
Donie O'Sullivan
on x
Here's what Twitter is saying: https://twitter.com/... https://twitter.com/...
-
@ericgeller
Eric Geller
on x
Every answer raises more questions. What does “in some way” mean? Were some accounts used for things other than tweeting the Bitcoin scam? I foresee more stern lawmaker letters. https://twitter.com/...
-
@vpkivimaki
Veli-Pekka Kivimki
on x
You could be doing everything right, like have strong 2FA, but the threat could come from the inside. Not a good idea to have anything sensitive stored in your DMs or group chats. https://twitter.com/...
-
@campuscodi
Catalin Cimpanu
on x
More Twitter updates: Only 130 accounts were targeted in Wednesday's hack. https://twitter.com/...
-
@ronwyden
Ron Wyden
on x
In September of 2018, shortly before he testified before the Senate Intelligence Committee, I met privately with Twitter's CEO Jack Dorsey. During that conversation, Mr. Dorsey told me the company was working on end-to-end encrypted direct messages. https://twitter.com/...
-
@twittersupport
@twittersupport
on x
We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We're looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.
-
@donie
Donie O'Sullivan
on x
#BREAK Twitter says approx 130 accounts targeted as part of hack. That's a lot more than the compromised accounts we know about. https://twitter.com/...
-
@mikeisaac
Rat King
on x
twitter says roughly 130 user accounts targeted in Wednesday's hack — still no concrete word on DM's but you'd have to imagine if they had full acct access they had dm access. https://twitter.com/... https://twitter.com/...
-
@erikgroset
Erik Groset
on x
So there you have it, likely PlugWalkJoe behind the great Twitter hack of 2020. Not a state actor. If DM's are safe, remains to be seen. Guy clearly loves the spotlight and reselling things. https://twitter.com/...
-
@dcbyron
David Byron
on x
“While it may sound ridiculous that anyone would be fooled into sending bitcoin in response to these tweets, an analysis of the BTC wallet... shows that on July 15 the account processed 383 transactions and received almost 13 bitcoin on July 15 — or approximately USD $117,000.” h…
-
@derekdoestech
Derek B. Johnson
on x
Some interesting dot connecting, but curious what others think. A lot of it depends on the connections made through an anonymous mobile security industry source.
-
@envirosec
Guido
on x
Talked to Brian Krebbs this afternoon about the link between the #twitterhack and the Dutch suspect. Looks like the original hacker had plans, but his friend, the Dutch ‘hacker’ KLITZ (who also defaced the account of politician @geertwilderspvv) came up with the BTC-scam plan. ht…
-
@taviso
Tavis Ormandy
on x
@colemankane @KarlShucks @dotMudge Ah, so all mitigations are really just as effective as any other, it's all the same? That's nonsense, some mitigations work and some are trash. SMS 2FA is trash, unique passwords actually work.
-
@starfire2258
Sean Hollister
on x
This is an interesting post. It also doxxes a real-life human being based on the word of a single unnamed source. That's extremely problematic. https://twitter.com/...
-
@katebevan
@katebevan
on x
My life's mission is to get people to stop using SMS for 2FA https://twitter.com/...
-
@karlbode
@karlbode
on x
So basically, the same SIM hijackers that have been bribing telecom employees for years bribed a Twitter employee to gain access to company internal tools that let them change account email addresses bypassing 2FA? https://www.vice.com/... https://twitter.com/...
-
@b52malmet
Barbara Malmet
on x
Exclusive: U.S. FBI is leading an inquiry into the Twitter hack, sources say- notable that Trump wasn't hacked. https://www.reuters.com/...
-
@twittersupport
@twittersupport
on x
[Thread] Twitter says a “coordinated social engineering attack” against employees with access to internal systems and tools allowed hackers to hijack accounts