What Happened In The Twitter Attack Of July 2020?

  • Home
  • /
  • What Happened In The Twitter Attack Of July 2020?

Share

what happened in the twitter attack

Tuesday, 15th July was a busy day for Twitter. A large-scale attack that won’t be forgotten anytime soon was done with many high-profile users (verified ones). It involved bitcoins, social engineering, and a long day for those working in Twitter’s cybersecurity department. While most of you might’ve heard bits and pieces of what happened, let us have a look at the actual picture.

 

twitter-hacked

The Attack

A lot of verified accounts put out similar tweets on Tuesday. While the wording wasn’t exactly the same, they all had the same information. These people and corporations said that they wanted to give back to the community. Any amount of Bitcoin sent to the Bitcoin wallet address would be returned to the senders after doubling their amount. 

While these tweets came from users known to use their personal devices, they were expected to be authentic. But if you looked closely enough, you could notice that all the tweets mentioned the same wallet address. The founder of Gemini, the cryptocurrency company Cameron Winklevoss tweeted that the tweets were a scam and nobody should be participating in them. Ironically, even Gemini’s account was compromised.

The attack featured a long list of accounts including but not limited to Elon Musk, Barack Obama, Jeff Bezos, Bill Gates, Wiz Khalifa, Apple, and Uber. The widespread nature of this attack makes it one of the largest attacks to happen on a social media platform

The Impact

While most people saw the tweets for what they were – hoaxes, some people ended up falling for the attack. The Bitcoin wallet linked to the mentioned address was found to have been credited with around $115,00 in the past 24 hours. While this is a huge amount in terms of value, it is not sure how much of this amount is part of the attack.

Twitter’s Response

An attack of this scale took everyone by surprise, especially Twitter’s security team. Twitter removed all tweets soon after the attack and even had to partially shut down its network. Twitter also disabled tweeting functionalities for verified attacks (ones with a blue tick) for a while to ensure that they had control of the network.

Twitter CEO Jack Dorsey tweeted that it was “a tough day at Twitter” and the issue was being diagnosed and everything would be shared once they get a complete understanding of what happened.

 

 

Later that day, Twitter revealed that they detected a social engineering attack targeting some of their employees. The employees who were targeted had access to internal systems and tools which in turn were used to carry out the attack.

This attack has hit Twitter’s reputation in a huge manner. Many celebrities and brands use Twitter as a medium of communication, with the belief of it is an authentic safe space. This attack questions the safety provided by Twitter. Moving forward, Twitter would need to devise a way to check for the authenticity of tweets on their platform. 

While this wasn’t the first breach involving high-profile accounts on Twitter the magnitude of this attack is what raises concerns.

Read More: WhatsApp Pink Scam: How Clicking on a Link Gets Your Phone Hacked

Previous Account Compromises

In 2009, US President Donald Trump’s Twitter account was taken down for 11 minutes by a departing employee. Twitter put safeguards in place to ensure something of the sort doesn’t happen again, without mentioning what kind of safeguards they were.

Last year, Jack Dorsey, CEO of Twitter also had his account hacked by a group that calls themselves the Chuckle Squad. Many offensive tweets were sent from his account. It was later found that the phone number linked to the account was compromised. It was also revealed that no internal breaches were detected during the attack.

In 2013, the Twitter account of the Associated Press was compromised and a tweet saying that the White House was under attack, caused mass hysteria amongst the public.

The Bright Side

While the attack does question Twitter’s safety, experts express relief saying that the accounts were used for monetary gains and not to spread fake information, citing the 2013 attack on the Associated Press Twitter account. Considering the fact that multiple accounts were breached this time and with the current situation requiring people to stay safe indoors, it would’ve been catastrophic at the least, if fake news was what the cybercriminals wanted. 

To sum it up, this incident was another reminder that nothing in the digital space is safe and 100% privacy can be taken as a blind promise. The safety of the digital world is a myth and hacks can occur from anywhere, exploiting the smallest of vulnerabilities. Constant vigilance is required in the digital world, for the internet is dark and full of terrors.

Contributors: Navaneeth S, Labeeb Ajmal

Picture of Anjali K

Anjali K

Anjali is a cybersecurity researcher with expertise in simplifying complex topics, from penetration testing to cloud security frameworks. Her work focuses on making essential security practices accessible, helping businesses and individuals adopt proactive measures to strengthen their digital defenses.

Share

Join a secure newsletter.

Secure, disturbance free and spam-free

Leave a Reply

Protecting Small Businesses from COVID-19

Our committment towards small businesses is now affordable.

Starting From

$349

Enquire Now

Ask our experts.

Quick Contact

Talk to our team

Protecting your Business

Book a free consultation with us .

Enquire Now

Ask our experts.

Quick Contact

Talk to our team