Last week, attackers socially engineered or possibly bribed a Twitter employee to give them access to an internal account management control panel, which the attackers then used to take over many high-profile accounts including those of former President Barack Obama, Joseph R. Biden Jr., Elon Musk, and many other celebrities to send tweets promoting a Bitcoin scam. As Twitter’s internal investigation progresses, more information about the attack has been revealed. Attackers downloaded mass data from eight accounts, none of which were “verified” accounts according to Twitter. On Wednesday night, Twitter announced that there was evidence that the attackers accessed the direct messages of 36 accounts, including one elected official in the Netherlands. Reporters from The New York Times and Brian Krebs identified four online personas connected to the Twitter incident. An individual using the name “Kirk,” who claimed to be a Twitter employee reached out via a hacker who used the alias “lol” on the OGusers forum, which is dedicated to hijacking and selling access to high-profile or desirable Twitter accounts. “I have a twitter contact who I can get users from (to an extent) and I believe I can get verification from,” lol explained. “They are in the Client success team. No they don’t charge, and I know them through a connection.” Krebs reported that the “lol” account may belong to an individual in California who has used the name Josh Perry on possibly related accounts. Another member of the OGusers forum, known as PlugWalkJoe, was identified as Joseph O’Connor, a 21-year old resident of the United Kingdom. O’Connor gave an interview to The Times and claims that his involvement was limited to communication with “Kirk,” and that he did nothing illegal. O’Connor shared screenshots of communication on Discord, a popular messaging platform, between “Kirk,” “Alive” (which is another alias used by “lol”) and another account using the name “Ever So Anxious.” These accounts were described by The Times as middlemen who facilitated the sale of Twitter accounts from Kirk.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.