Stolen VPN credentials at the heart of the infamous Twitter hack

The massive Twitter hack that took place in July was due to the theft of VPN credentials. It has now been revealed that Twitter employees were tricked into handing over their account details by hackers who had created a site that looked like the real VPN login page. The hackers called staff while pretending to be from the social network's IT department, then requested the appropriate credentials. Claims like this were believed because VPN problems were common at the time. The attack made headlines around the world, with the accounts of high-profile Twitter users, including Barack Obama and Elon Musk, compromised. Many profiles were used to promote a Bitcoin scam.

Simple but effective

A report from the New York Department of Financial Services (NYDFS) shed more light on the breach, which was carried out with relative ease despite the enormous technological resources at Twitter's disposal. The NYDFS decided to investigate the hack because several cryptocurrency companies it regulates were affected.

“The implications of the Twitter hack extend well beyond this garden variety fraud,” the NYDFS report said. “There are well-documented examples of the use of social media to manipulate markets and interfere with elections, often with the simple use of a single compromised account or a bunch of fake accounts. In the hands of a dangerous adversary, the same access gained by hackers—the ability to take control of any Twitter user's account—could cause even greater damage.”

The hackers' decision to impersonate an internal IT team may have turned out to be more effective given the large number of employees reportedly working remotely at the time due to the coronavirus pandemic. If companies want to encourage more staff to work from home, they must first ensure they have up-to-date security protocols to prevent cybercriminals from taking advantage of potential IT glitches.

Via SC Magazine