
Successful Twitter Attack Targets the Wealthy and Influential

Elon Musk, Barack Obama, Joe Biden, Bill Gates, Apple and Uber (among others) suddenly have more in common than bottomless bank accounts and world-famous names. The FBI has launched an investigation into the hacked Twitter accounts of a few of the United States' most recognizable citizens and corporations, after several interesting Tweets appeared on the official accounts of some of the world’s wealthiest and most influential people.

The official Twitter account of Microsoft CEO Mr Bill Gates announced, "Everyone is asking me to give back. You send $1,000, I send you back $2,000".

Former USA President Barack Obama’s account read, "I am giving back to my community due to Covid-19! All Bitcoin sent to my address below will be sent back doubled. If you send $1,000, I will send back $2,000! Only doing this for the next 30 minutes! Enjoy".

360 people transferred $120,000 in bitcoin to the hackers within two hours of the Tweets going live.

Although the Tweets bear all the hallmarks of a scam, by asking for cash transfers in bitcoin and implementing a time limit, many were confused by the “Verified” or official account status. Verification of accounts is strictly controlled by Twitter and in high demand by public figures in every industry from fashion and government to politics, entertainment, or business. A small blue badge enclosing a white check-mark designates “Verified” Twitter accounts as authentic.

Twitter addressed the issue on July 15th saying, "We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools." Twitter spokespeople went on to say, "We know they used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf. We’re looking into what other malicious activity they may have conducted or information they may have accessed and will share more here as we have it".

Twitter continues to research the attack method and has thus far only confirmed that the attack was launched when an outside attacker gained access to the account of a Twitter employee with administrative access to official accounts. The BBC contacted an independent security source who had uncovered an email address and alias of the suspected hacker. Vice Motherboard claims to have contacted the hackers, who allege they were given access to the verified accounts by a Twitter employee. This isn’t the first time Twitter has been suspected of being complacent about its internal security practices: in a 2019 scandal, Twitter employees were suspected of allowing certain outsiders access to accounts suspected of being critical of the Saudi Arabian government.

Twitter is sure to take a lot of heat on this one - and in unexpected ways. With each high-profile attack the public becomes more aware of the risks associated with lax network security. Many (Presidents and billionaires among them) are already asking serious questions about the security protections in place for their data, and it’s an excellent time to consider how you will answer that question. "We’ve never been attacked" or "We are sure your data is protected" are already grossly inadequate answers for security-savvy customers. What do you do to make your customers and employees feel secure, and what measures do you have in place to ensure that your customers and employees ARE secure?

Strengthen Passwords & Two-Factor Authentication
First, ensure that both customers and employees are aware of the need for stronger and more complex passwords which are changed regularly. With passwords like "iloveyou", "sunshine", and "123456" still among the most common passwords, the addition of two-factor authentication for each user could potentially make all the difference.

Zero Trust Security Model
There is some speculation that more than one employee was compromised and that they had high-level access to verified accounts. Deploying a Zero Trust security model ensures that no employee is trusted (has high-level access) by default, either from inside or outside the network. Some type of verification (such as the two-factor authentication above) is required for everyone wanting to gain access to trusted resources. Not allowing access by default and granting it to only those that absolutely need it has been shown to prevent data breaches. This is also not a new idea, but common sense.
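The default-deny rule described above, sketched for an internal admin tool as an added example (it is not Twitter's or Sangfor's code). The employee names, action names and the 15-minute second-factor window are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Assumption: a second-factor check older than this must be repeated.
MFA_MAX_AGE_S = 15 * 60

# Explicit grants as (employee, action) pairs. Anything not listed is denied.
# Hypothetical names, constructed for this example.
GRANTS = {("alice", "reset_account_email")}


@dataclass
class Request:
    employee: str
    action: str
    from_internal_network: bool        # kept for audit, never used to grant access
    mfa_verified_at: Optional[float]   # epoch seconds of last successful second factor


def authorize(req: Request, now: float) -> tuple:
    """Default deny: access needs an explicit grant AND a fresh second factor."""
    if (req.employee, req.action) not in GRANTS:
        return False, "no explicit grant"
    if req.mfa_verified_at is None:
        return False, "second factor missing"
    if now - req.mfa_verified_at > MFA_MAX_AGE_S:
        return False, "second factor stale"
    return True, "granted"


NOW = 1_000_000.0  # constructed timestamp so the example is deterministic

# Constructed sample requests covering each branch of the policy.
SAMPLES = [
    Request("alice", "reset_account_email", False, NOW - 60),    # outside network, verified
    Request("bob", "reset_account_email", True, NOW - 60),       # inside network, no grant
    Request("alice", "reset_account_email", True, None),         # inside network, no 2FA
    Request("alice", "reset_account_email", True, NOW - 3600),   # 2FA an hour old
    Request("alice", "post_as_account", True, NOW - 60),         # action never granted
]


def decisions(now: float = NOW) -> list:
    """Evaluate every sample request and return (allowed, reason) for each."""
    return [authorize(r, now) for r in SAMPLES]


if __name__ == "__main__":
    for req, (ok, reason) in zip(SAMPLES, decisions()):
        print(f"{req.employee:6} {req.action:20} internal={req.from_internal_network!s:5} -> {ok} ({reason})")
```

Being on the internal network changes nothing in the outcome: the only request that passes comes from outside the network but carries both an explicit grant and a recent second factor.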

Security Audits & Assessments
Conducting regular security audits and assessments of all areas of the network is another important step toward solid network security for users. Implementation of a threat identification, analysis and risk assessment service like Sangfor’s TIARA makes network security assessment easy and automated, allowing administrators to address vulnerabilities and giving them vital extra time to launch protections and defence in the event of an attack. A professional security assessment service helps you understand your current security posture, assists in making management decisions and simplifies the compliance process - all before any attack can be launched.

Incident Response Service
Taking the proper precautions is always better than seeking a cure after the worst has happened. Deployment of a professional incident response (IR) service provides closed-loop incident response for organizations, giving them heightened security capabilities in every phase of the attack chain.

User Behaviour Audit and Control
Awareness and control over network user behaviour on a daily basis is an easy way to be proactive in security protection. Using a secure web gateway (SWG) like Sangfor’s IAM gives administrators access to simple and intuitive reporting, precise and accurate application control, intelligent traffic management, and unified, network-wide management of all clients within the network.

Why Sangfor?
Sangfor Technologies is an APAC-based, global leading vendor of IT infrastructure solutions specializing in Network Security and Cloud Computing. Visit us at to learn more about Sangfor’s Security solutions, and let Sangfor make your IT simpler, more secure and valuable.