Social media has been in headlines for past couple of weeks that too not for some good reasons. Starting with the backlash that Facebook received in the form of ‘Stop Hate for Profit’ campaign, where big companies and brands started boycotting advertising on Facebook, as a protest to the way Facebook handles hate speech and misinformation.
Then came a wave of political influx on Tiktok, after being banned by India many other countries along with the USA have also indicated to move forward in the same direction. Now it is Twitter which is in the news right now as it witnessed one of the greatest hacks ever seen on a social media platform.
All these incidences especially the Twitter hack has jolted companies and reminded them the importance of performing critical health checks of their social media accounts and the people who have access to them.
Twitter was sort of on a rise. They were doing a good job in controlling hate speech and misinformation, at least far better than Facebook and thus they would have potentially benefited from it. But the recent hack has directly attacked the goodwill that they have generated in the market along the years.
What exactly happened?
On 15th July, many high-profile accounts, including Elon Musk, Barack Obama, Joe Biden, Jeff Bezos, Bill Gates, Apple, Uber, and many more were hacked, started tweeting a message saying any bitcoin sent to a link in the tweet will be sent back doubled and stating that this offer is open only for 30 minutes.
When Twitter became aware of the breach they quickly locked most large verified accounts across the US and rest of the world. However, in merely four hours after the tweets were posted, the Bitcoin wallet that was mentioned in the tweets received over $100,000 via at least 300 transactions.
According to the statement issued by Twitter a total of 130 high-profile accounts were hacked out of which the hackers got the control of a small subset and thus were able to tweet from those accounts. The hackers were also successful in downloading data from eight unverified accounts.
How did Twitter got hacked? Who were the hackers?
There were many theories floating around the internet that who these hackers were and what was their purpose. The truth came into the light then the hackers themselves shared some crucial details regarding the incident.
As per a report from New York Times and the interview that they had with four hackers it was clear that the attack was not the work of a single country like Russia or a sophisticated group of hackers as many believed it to be. Instead, it was done by a group of young people, one of whom is 19 years old and lives at home with his mother. They got to know one another on OG users- a site dedicated to selling unusual or rare social media profiles. They all shared the same interest in owning early or unusual screen names, particularly one letter or number, like @y or @6 which is highly demanded sold at a big amount in the underground community.
It all started on 14th July as a teasing message between two hackers on Discord. The mastermind behind the attack seems to be ‘Kirk’. He introduced himself to others as an employee of Twitter and demonstrated that he could take control of valuable Twitter accounts. Others did not believe him to be a Twitter employee as he seems too eager to destroy the company.
It has been reported that ‘Kirk’ found credentials for Twitter’s backend sitting in a company Slack channel then used them to scam bitcoin and steal account details.
The real identity of Kirk, his intention and whether he shared his access to Twitter with anyone else still remains as a mystery.
The implications are huge given the fact that the most powerful and popular accounts have been hacked. Twitter has massive influence over political conversations globally, and in the US in particular, the verified handles of so many politicians being compromised at the same time is alarming.
It has been confirmed by twitter that this hack was a result of human error or intervention rather than security loopholes in the company’s systems. Unlike usual cyber-attacks, which exploit vulnerabilities in a platform’s code, hackers targeted employees of the company to get their credentials to access Twitter’s internal system. This has definitely raised many questions on the creditability and safety of data on Twitter.