The serious cyber attack that targeted numerous Twitter accounts of public figures last Wednesday in order to carry out computer scams continues to be at the center of the news both because with the passing of the hours the managers of the social network continue to provide details on the story , both because the first responses are starting to arrive from the authorities who want to evaluate the exact dynamics of the story.
What happened in brief: last Wednesday (one or more) combined hackers took control of public accounts and published tweets asking for the sending of bitcoins with the promise that the amount would be doubled. An estimated $ 110,000-120,000 has been sent in a few hours
Twitter confirmed that the attack targeted a total of around 130 accounts and that for a small subset of hackers, they managed to take control of the account and send tweets. There is no evidence that passwords have also been compromised, but Twitter has nonetheless decided to block all accounts for which an attempt has been made to change their password in the last 30 days.
The fact that an account has been blocked does not necessarily imply that it is involved in the attack; however, all accounts that have certainly been violated remain blocked, at least until Twitter considers a reactivation in total security possible.
It remains to be clarified whether the hackers had the opportunity to access the direct messages and other non-public data of the hacked accounts: on Twitter, he says: we are continuing to evaluate whether the non-public data relating to these accounts has been compromised and we will provide updates if we were to determine if this occurred. Pending further investigations, the ability to download Twitter data remains disabled.
In the long wake of tweets from the social network support service, it is added that they are working to limit access to internal systems and tools dedicated to staff to prevent similar accidents from occurring in the future
While Twitter is investigating the incident, the FBI has also decided to launch its investigations in parallel. As reported by The Wall Street Journal, the FBI fears that the coordinated attack and the system's vulnerabilities highlighted by hackers may create serious security risks related to the widespread violation of public accounts, among which important politicians stand out – remember that among the accounts involved there are also those of Barack Obama and Joe Biden.
For the moment, the FBI embraces the thesis that the main reason for the attack is linked to the desire to carry out scams to the detriment of users:
at the moment, the accounts appear to have been compromised with the aim of perpetrating cryptocurrency fraud. We urge you not to fall victim to this scam by sending cryptocurrency or money. The investigation is still ongoing, for the moment we will not make further comments.
The Attorney General of New York actually describes what the security risks could be, Letitia James, who opened an investigation into the matter:
Countless Americans rely on Twitter to read the news, participate in the public debate and listen directly to political leaders, activists and business leaders and other thought leaders. Last night's attack on Twitter raises a number of concerns about data security and how platforms like Twitter can be used to damage the political debate. I ordered my office to start an immediate investigation into the matter
The attack did not involve a user who, as known, makes extensive use of Twitter: it is always the The New York Times to speculate why what can be considered the best known political character on Twitter managed to dodge the attack. According to the source, President Trump's Twitter account can count on an additional level of protection introduced after the previous incidents that affected the social network.
The Times does not clarify what these incidents are, but the reference could go to the episode that occurred in November 2017: on his last working day at the company, a Twitter employee deactivated the Trump account that I stayed offline for 11 minutes. On that occasion Twitter – as it is doing after the recent attack – said it had started taking measures to prevent the accident from happening again, but never revealed them publicly.
It is plausible that Trump's account was further strengthened after that incident and that hackers, despite having access to employee-only administration tools, failed to pass the additional level of protection. However, these are hypotheses since Twitter – for obvious security reasons – does not provide details about it. In fact, you can't even be sure that hackers tried to take control of Trump's account in the recent attack.