So, they are basically saying twitter employee has the access to email, password and 2FA of users. This is an absurd negligence from the twitter team and they should be held responsible for any loss occurred. Social engineer would get access to peoples personal things not that of it's employees. There's more than social engineering involved.
Topic: Twitter hacked account. Details about what really happened - page 2. (Read 225 times)
I worked before as I technical support staff, so we have access to the system, so we all know that the first lesson is not to engage to anyone from outside, otherwise its a recipe for a disaster, which eventually happen. You will always treat in like outside threat, and now that it seems Twitter has been exposed already. Maybe they just used this "Social Engineering" term, but it has more to it, I guess.
So you meant that there's a possibility that hacked happened was might an inside job? Or maybe I have an assumption that the hacker was also ex-technical support staff. Because hackers know what is the weakness of the system, through by this hackers was able to manipulate the system and compromised those high-profiled accounts. And here is the thing that comes up in my mind, why it took so long time before they froze those hacked accounts or even delete the hack attempt tweet? Hmmm.Speaking of high profile accounts, I wonder why President Donald Trump didn't hack his account.
Probably because hackers know that he isn't Bitcoin's friendly.I noticed that the Twitter company didn't state how they will improve their security system.
At this time, we believe attackers targeted certain Twitter employees through a social engineering scheme. What does this mean? In this context, social engineering is the intentional manipulation of people into performing certain actions and divulging confidential information.
Social engineering? Do you also mean it includes hypnotism? Correct me if I'm wrong my fellow Filipinos, I think we had a local version for it which is called "Budol budol" . Where the fraudsters will suddenly approach you out of nowhere and then talk with you a lot until you let your guard down and will not notice that you are already complying with their demands. But I still do not believe on this thing because all of us got their own free will. If you really do not want to spill the confidential data then you won't do it at all. So maybe there's an extortion happened or the worst is an inside job.
Ehm, so this also means that Twitter employees has tools that will allow them to manipulate your account? What's the limit there?
I think that's really dangerous, not to mention hacking like this can happen again, but they can potentially abuse their rights and sell your data. Not sure if this is the standard practice there but I'd never use any personal details to use the website if I knew this. They could sell the accounts and then said "Nah you guys might be phished somewhere".
I think that's really dangerous, not to mention hacking like this can happen again, but they can potentially abuse their rights and sell your data. Not sure if this is the standard practice there but I'd never use any personal details to use the website if I knew this. They could sell the accounts and then said "Nah you guys might be phished somewhere".
Anw, considering how the hacks went, it was understandable how there were inside works, and if there weren't it'd actually make these hackers quite insane imo. I can't really blame the staff if they got tricked into doing something they didn't even know was wrong. It's not that they were ignorant but rather the actions done by the hackers didn't seem like it'd actually affect their system, that is, in their eyes. It is kind of odd though, how they're internal staff were the ones that got tricked. That, or they're pretty much hiding some info to avoid their system from being doubted. The Social Engineering trick did happen, but who knows if they really got in through internal staff though.
I worked before as I technical support staff, so we have access to the system, so we all know that the first lesson is not to engage to anyone from outside, otherwise its a recipe for a disaster, which eventually happen. You will always treat in like outside threat, and now that it seems Twitter has been exposed already. Maybe they just used this "Social Engineering" term, but it has more to it, I guess. 
What's it called, Social Engineering? Heard it about in a hacking movie in the past where the guy was basically able to manipulate employees into allowing him to do stuff that looks fine, but really isn't. Got the name from the movie Who Am I.
Anw, considering how the hacks went, it was understandable how there were inside works, and if there weren't it'd actually make these hackers quite insane imo. I can't really blame the staff if they got tricked into doing something they didn't even know was wrong. It's not that they were ignorant but rather the actions done by the hackers didn't seem like it'd actually affect their system, that is, in their eyes. It is kind of odd though, how they're internal staff were the ones that got tricked. That, or they're pretty much hiding some info to avoid their system from being doubted. The Social Engineering trick did happen, but who knows if they really got in through internal staff though.
Anw, considering how the hacks went, it was understandable how there were inside works, and if there weren't it'd actually make these hackers quite insane imo. I can't really blame the staff if they got tricked into doing something they didn't even know was wrong. It's not that they were ignorant but rather the actions done by the hackers didn't seem like it'd actually affect their system, that is, in their eyes. It is kind of odd though, how they're internal staff were the ones that got tricked. That, or they're pretty much hiding some info to avoid their system from being doubted. The Social Engineering trick did happen, but who knows if they really got in through internal staff though.
Also goes to show that Twitter has some kind of backdoor panel that can really access any accounts regardless if you have 2FA. And maybe the hackers have somewhat other plans besides using bitcoin, to look for data because the hacks not just involved crypto personalities, but those people political people and rich and billionaires. And that is why the FBI is stepping into the picture to investigate this further.
Twitter support released a statement today about how the hacker was able to manipulate over 100 twitter accounts. Source
It doesnt matter on whats the actual reason on said breach or twitter account hacks.Its just that their employees are just too dumb or they do suck when it comes to security.
Neither one of those reasons, surely Twitter does really have that kind of negative impression by its users but at least they are trying to solve out everything but i dont fully
100% trusting up on the words that they've been telling on public.We wont know if whats the actual reason if its totally social engineering attack or whatsoever.
This has been the very news since yesterday, been seeing a lot of posts about it and upon reading I don't really believe that those attacks were just too miraculous to happen. We have seen an attacks from twitter accounts but none of those were belong to the verified and popular personalities including Joe Biden, which is a pro-bitcoiner I must say which also makes him as a target. This is what @theymos also sees as a reason, this includes the twitter support so they can get through the 2FA protections, very clever indeed.
hero member
Activity: 2646
Merit: 651
Want top-notch marketing for your project, Hire me
Twitter support released a statement today about how the hacker was able to manipulate over 100 twitter accounts. Source
Quote
At this time, we believe attackers targeted certain Twitter employees through a social engineering scheme. What does this mean? In this context, social engineering is the intentional manipulation of people into performing certain actions and divulging confidential information.
The attackers successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections. As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets. We are continuing our forensic review of all of the accounts to confirm all actions that may have been taken. In addition, we believe they may have attempted to sell some of the usernames.
For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account’s information through our “Your Twitter Data” tool. This is a tool that is meant to provide an account owner with a summary of their Twitter account details and activity. We are reaching out directly to any account owner where we know this to be true. None of the eight were verified accounts.
The attackers successfully manipulated a small number of employees and used their credentials to access Twitter’s internal systems, including getting through our two-factor protections. As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets. We are continuing our forensic review of all of the accounts to confirm all actions that may have been taken. In addition, we believe they may have attempted to sell some of the usernames.
For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account’s information through our “Your Twitter Data” tool. This is a tool that is meant to provide an account owner with a summary of their Twitter account details and activity. We are reaching out directly to any account owner where we know this to be true. None of the eight were verified accounts.
Jump to: