Author Topic: Twitter Has Biggest Security Breach in History - All Accounts May be Compromised  (Read 759 times)

Offline iam4liberty

  • Survival Veteran
  • ********
  • Posts: 5063
  • Karma: 358
  • New TSP Forum member
Details are still scarce.  But apparently all Twitter accounts have been compromised.  Postings were made on accounts of prominant figures despite them being protected by strong passwords and encrypted connections.

Speculation is that Chinese communist government activated inside assets to breach Twitter to send message to U.S tech leaders, politicians, and celebrities. Guise of cyber scam was used for plausible deniability and to give China a PR talking point.   Attack comes on heels of US challenges to China on Hong Kong, South Sea, 5G networks, and coronavirus origin.

Twitter stock is plummeting.   May be a good time to consider deleting your Twitter account and moving to an uncompromised option like Parler.

Stay tuned, this is going to be an interesting ride.

https://amp.cnn.com/cnn/2020/07/15/tech/twitter-hack-elon-musk-bill-gates/index.html
Twitter accounts of Joe Biden, Barack Obama, Elon Musk, Bill Gates, and others apparently hacked
« Last Edit: July 15, 2020, 05:00:06 PM by iam4liberty »

Offline iam4liberty

  • Survival Veteran
  • ********
  • Posts: 5063
  • Karma: 358
  • New TSP Forum member
All cryptocurrency exchange twitter accounts were also breached and scams initiated.

https://cointelegraph.com/news/apparent-coordinated-twitter-attack-targets-binance-cz-gemini-and-more/amp
A Coordinated Twitter Hack is Targeting Coinbase, Kucoin, Binance, Gemini, and more

Offline iam4liberty

  • Survival Veteran
  • ********
  • Posts: 5063
  • Karma: 358
  • New TSP Forum member
They've gotten away with over $125k worth of bitcoin so far.

Tech experts are saying they were able to change email addresses and passwords and access private messages. For most people, this means they also have the email address, phone number, and other personal info.

They are recommending that if your account hasnt been used yet, you should at least change password.  Better yet is to deactivate account.  You will still have 30 days to reactivate it.

Offline iam4liberty

  • Survival Veteran
  • ********
  • Posts: 5063
  • Karma: 358
  • New TSP Forum member
Uh oh.  Images of Twitter's internal administration board have been leaked.  It verifies that trend blacklisting/shadow banning are real despite Twitter's testimony to Congress.  Twitter is suspending all accounts which post the images.




Offline iam4liberty

  • Survival Veteran
  • ********
  • Posts: 5063
  • Karma: 358
  • New TSP Forum member
Good advice here.

https://weather.com/news/news/2020-07-15-twitter-hack-national-weather-service-warnings-tornadoes
Twitter Hack Shuts Down National Weather Service Accounts During Severe Weather

Twitter accounts were silent as severe storms moved through the Midwest Wednesday night.

The incident was a good reminder to always have several ways to receive weather information.

Offline iam4liberty

  • Survival Veteran
  • ********
  • Posts: 5063
  • Karma: 358
  • New TSP Forum member
Maybe he should spend less time playing political games and more time doing his job like securing the platform from attacks.


Offline Mr. Bill

  • Like a hot cocoa mojito
  • Administrator
  • Ultimate Survival Veteran
  • *******
  • Posts: 15270
  • Karma: 1875
  • Trained Attack Sheepdog/Troll hunter
    • Website Maintenance and Online Presence Management by Mr. Bill
From Twitter Support, an hour ago:
https://twitter.com/TwitterSupport/status/1283591844962750464

Quote
Our investigation is still ongoing but here’s what we know so far:

We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.

We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it.

Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.

We also limited functionality for a much larger group of accounts, like all verified accounts (even those with no evidence of being compromised), while we continue to fully investigate this.

This was disruptive, but it was an important step to reduce risk. Most functionality has been restored but we may take further actions and will update you if we do.

We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely.

Internally, we’ve taken significant steps to limit access to internal systems and tools while our investigation is ongoing. More updates to come as our investigation continues.

Offline iam4liberty

  • Survival Veteran
  • ********
  • Posts: 5063
  • Karma: 358
  • New TSP Forum member
It took hours for twitter to regain control.  They likely downloaded all DMs for these accounts.

https://www.newsweek.com/twitter-bitcoin-hack-direct-messages-stolen-1518247
Twitter DMs of Obama, Musk and Biden Could Have Been Stolen in Hack, Experts Warn

Screenshots of a backend panel that were circulating on social media appeared to show the culprits had the ability to change the credentials of impacted accounts, which posed one big question: what else did hackers have access to, and for how long?

"Absolutely, 100 percent that the DMs could have been compromised," Jackie Singh, founder of Spyglass Security, told Newsweek. "I mean it looks like they had 'god mode' with seemingly few limitations and we don't know how long they had it for."

Offline Stwood

  • Survival Veteran
  • ********
  • Posts: 5212
  • Karma: 74
  • Wut wuz dat Olie?

Wow. Wake up twitter................

I don't have an account there to worry about.

Offline iam4liberty

  • Survival Veteran
  • ********
  • Posts: 5063
  • Karma: 358
  • New TSP Forum member
They likely had access for days.

https://krebsonsecurity.com/2020/07/whos-behind-wednesdays-epic-twitter-hack/
Who’s Behind Wednesday’s Epic Twitter Hack?

In the days leading up to Wednesday’s attack on Twitter, there were signs that some actors in the SIM swapping community were selling the ability to change an email address tied to any Twitter account. In a post on OGusers — a forum dedicated to account hijacking — a user named “Chaewon” advertised they could change email address tied to any Twitter account for $250, and provide direct access to accounts for between $2,000 and $3,000 apiece.

Offline Redman

  • Survival Demonstrator
  • *******
  • Posts: 3789
  • Karma: 61
  • Lost in the 50's
No Twitter accounts here but I wonder if this could explain the rash of spam text messages wife and I have been getting lately.

Offline Stwood

  • Survival Veteran
  • ********
  • Posts: 5212
  • Karma: 74
  • Wut wuz dat Olie?
No Twitter accounts here but I wonder if this could explain the rash of spam text messages wife and I have been getting lately.

Hmmm. Yer getting the spam? Amazon canceled my Jalapeno Spam in S&S.  >:(

 ;D ;D

Offline Redman

  • Survival Demonstrator
  • *******
  • Posts: 3789
  • Karma: 61
  • Lost in the 50's