Twitter reportedly stepped up efforts to find new Information Security Chief prior to hacking attack
Sputnik news agency and radio 09:47 GMT 17.07.2020
This week Twitter experienced an unprecedented hacking attack which saw a large number of high-profile verified accounts compromised by a bitcoin scam. Reports later emerged that a Twitter staffer might have been paid to help the hijackers carry out the assault by providing access to the platform’s key internal tool.
Twitter had stepped up its efforts to hire a Chief Information Security Officer in the two weeks prior to the hacking attack, Reuters reported, citing two sources familiar with the matter.
Twitter has not had a permanent chief security officer since December. Michael Coates, who had held the role since 2015, left the company in May 2018 to start his own business, Altitude Networks. He was temporarily replaced by former JP Morgan Chase executive Joe Camilleri and then by Mike Convertino in January 2019. However, he also did not hold the position for long.
Massive Hack
On Wednesday, hackers carried out a “coordinated social engineering attack” against high-profile Twitter accounts, the company’s support team said. Scam messages calling upon users to send bitcoins to receive them “back doubled” appeared on the Twitter feeds of SpaceX’s Elon Musk, ex-US president Barack Obama, Microsoft founder Bill Gates, presumptive Democratic candidate Joe Biden, and the corporate accounts of Apple, Gemini, Binance and many others. The account of US President Donald Trump remained untouched by the attack, White House Press Secretary Kayleigh McEnany said.
According to the FBI's San Francisco Division, which is leading the investigation into the incident, the accounts were compromised “to perpetuate cryptocurrency fraud”. It is suggested that the scammers managed to receive around $121,000 in bitcoins.
Is a Twitter Insider to Blame?
A recent report by Vice’s Motherboard, which cited sources from the hacking community responsible for the attack, suggested that hijackers may have collaborated with a Twitter employee who was paid to “literally” do “all the work” for them. The report also cited a statement from a Twitter spokesperson, alleging that the staffer could have either provided the hackers with access to an internal administrative tool or hijacked the accounts themselves. Leaked screenshots of the internal panel of some compromised accounts were making the rounds on social media on Wednesday before Twitter deleted them, citing a breach of the company’s rules.
So far, Twitter has publicly described the incident as “a coordinated social engineering attack” which was carried out by people who “successfully targeted some of our employees with access to internal systems and tools” and then “used this access to take control of many highly-visible (including verified) accounts”.
The company believes that “approximately 130 accounts” were hijacked to commit cryptocurrency fraud. While the investigation into the incident is still ongoing, Twitter said that some users may still experience problems with some of the platform's features.