
Twitter Says a Phone Spear Phishing Attack Led to Its Bitcoin Scam


Recently, Twitter suffered a giant hack that led to high-profile verified accounts tweeting out bitcoin scams. Hackers managed to infiltrate Twitter’s systems and use the company’s internal tools to commandeer Twitter accounts for Bill Gates, Elon Musk, Apple, and more. Now in a new update, Twitter says a phone spear phishing campaign led to all the damage.

While we already knew the hackers had used some form of social engineering, until now we could only speculate about the specific method. Twitter says the hackers targeted employees through a phone spear phishing attack. Presumably, that involved calling Twitter employees and posing as security staff or co-workers in order to talk them out of their credentials. If that sounds like a scene out of a bad hacking movie to you, you’re not wrong.

Not every Twitter employee has access to the account modification tools. So while the hackers succeeded in compromising some employee accounts, that didn’t immediately give them the access needed to take over user accounts. What it did give them was a foothold inside Twitter’s internal systems, which let them study the company’s internal structure and work out which employees did have that access and were therefore better targets.

From there, the hackers targeted employees with account modification access. Once they had the tools, they started the real work. Over the course of several hours, the hackers targeted 130 accounts, tweeted from 45, and accessed the direct messages of 36 users. Additionally, they downloaded data from seven accounts (down from the original eight the company claimed).

In the aftermath, Twitter disabled user tools to help stem the tide of damage, and while most of those options are back online, the “download your data” feature remains disabled.

Twitter says it’s investigating ways to prevent another attack like this, including “improving our methods for detecting and preventing inappropriate access to our internal systems and prioritizing security work across many of our teams.”

Source: Twitter

Josh Hendrickson
Josh Hendrickson is the Editor in Chief of Review Geek and is responsible for the site's content direction. He has worked in IT for nearly a decade, including four years spent repairing and servicing computers for Microsoft. He’s also a smart home enthusiast who built his own smart mirror with just a frame, some electronics, a Raspberry Pi, and open-source code.