A massive Twitter hack earlier this month that hijacked the accounts of dozens of high-profile politicians, celebrities and businesses to peddle a cryptocurrency scam was the result of a spear phishing attack, Twitter said late Thursday.
To succeed, attackers in the July 15 hack needed both access to Twitter's internal network and employee credentials that granted access to specific support tools, Twitter said in an update. The attack relied on spear phishing, an approach that typically uses bogus emails disguised as legitimate ones to fool recipients into revealing passwords or other sensitive information.
"Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes," Twitter said. "This knowledge then enabled them to target additional employees who did have access to our account support tools."
Twitter said 130 accounts were targeted in the attack, with hackers managing to tweet from 45 accounts, accessing the direct message inboxes of 36 accounts and downloading the Twitter data from seven.
The large-scale and very public hack targeted the accounts of Elon Musk, Bill Gates, Kanye West, Barack Obama and other famous tech executives, entertainers and politicians. Apple, Uber and other businesses were also caught up in the sprawling hack, which Twitter later attributed to a social engineering attack on its employees.
Bogus tweets sent from the accounts offered to double the amount of Bitcoin unsuspecting readers sent to a particular address. Hackers appear to have netted more than $113,500 from the scam.
"This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems," Twitter said. "This was a striking reminder of how important each person on our team is in protecting our service."