We have all known by now how the worst Twitter hack of a decade took place last week when a hacker got inside the systems at Twitter thanks to the internal tools available to their employees. Not only that, the hacker gained access to some of the best and well-known celebrity accounts and then posted tweets regarding a bitcoin scam where an address was mentioned and people also sent bitcoins to that address not knowing that it was a hack. As per the report, around 12 bitcoins have been sent to that address which makes it one of the biggest hacks worth more than $100,000.
Now, we are here to tell you how a cybersecurity expert saw this hack and what might have happened. The report mentions that SIM swapping was used in this hack and the threat actors or hackers were able to coerce or bribe the Twitter employees to gain access to privileged account credentials which meant that everything broke down from thereon. Due to this, email accounts of celebrity accounts were changed which means the original email ID lost access to those accounts.
Hackers also turned off the two-factor authentication for the hacked accounts so that people would not know if someone is trying to log-in to their accounts with no SMSes coming to their phone number. Later, they just tweeted their bitcoin scam tweets and people fell to it before being alerted by Twitter that this was a scam. Also, Motherboard has published a story which reveals that hackers tried to convince and successfully convinced a Twitter employee to gain admin privileges which made it easy for them to hack the platform. So on all accounts, it looks like a “malicious insider” let hackers inside Twitter and allowed them to run their scam with ease and without anyone’s knowledge.