Earlier this week, Twitter locked down thousands of verified accounts, including the accounts of Joe Biden, Bill Gates, Elon Musk, Apple, Uber and others, after it became clear that hackers had been able to compromise them. The tip-off? Suddenly these high-profile accounts were all tweeting out identical links to a cryptocurrency scam.
But what exactly happened? As Threatpost reported on Wednesday, Twitter’s internal investigation is ongoing, but the social-media giant did say that hackers had somehow compromised the company’s internal systems and secured employee privileges. Beyond that, a raft of sources are offering bits and pieces of the puzzle – some verified, some not.
On Saturday, Twitter posted a 900-word summary of the attack outlining what it knows. It stated that the company was hit with a social engineering “scheme” targeting a small number of employees. Those targets were manipulated to perform “certain actions” and divulge confidential information.