On July 15, 2020, hackers breached the Twitter accounts of a series of celebrities and big-name manufacturers in the United States to post fraud messages, including the accounts of former US President Obama and former Vice President Biden. In the aftermath of this hacker attack, a big question remains unresolved: Are hackers just for money?
“The biggest hacking incident in history”
On July 15, 2020, one (or more) hackers breached the Twitter (American social networking site) accounts of a series of celebrities and big-name manufacturers. The first to be breached was the account of the wealthy American businessman Elon Musk, followed by the former world’s richest man Bill Gates, Apple, the famous singer Kanye West, Amazon founder Jeff Bay Zoss, former US President Obama and former Vice President Biden, etc. After logging in to these accounts, hackers used them to post a series of similar scam messages, claiming that they “will give back to the society during the global epidemic” and attached a website (now cancelled).
Those who visited the website were told that if they sent bitcoin to the specified address within 30 minutes, they would get double the amount in return. And if the total donation exceeds a certain threshold, everyone will receive a bonus. Because of the “celebrity effect,” these news convinced many people to take it for granted, and hackers made a lot of money.
After Twitter officials discovered the abnormal situation, in order to prevent more fraud information from being shared, Twitter temporarily shut down the publishing function of all authenticated users and cleared the fraud information. It took about 3 hours from the sending of the first scam message to Twitter finally regaining “account sovereignty” and restoring functions for authenticated users.
This incident is the most serious invasion of mainstream social media platforms so far, and it can be described as “the biggest hacking incident in history.” In just three hours, it has already caused an uproar in the online world. Twitter announced the launch of a full investigation into the hacker attack at the same time as the incident. The next day, the FBI also announced that it would intervene in the matter to investigate.
How the account was compromised
Hours after the hacking, an anonymous person who claimed to have taken over some accounts claimed that the hacker had bribed at least one Twitter employee to gain strong internal control of the platform.
Some Twitter employees can use a control panel through which the email address linked to a specific Twitter account can be changed. By changing the relevant information of any account, hackers can temporarily transfer account ownership to themselves.
However, it is still under investigation whether Twitter “has a ghost” or employees have been hacked.
So, how much money did the hacker cheat? According to the investigation, as of July 16, the total amount sent to the address designated by the hacker was 12.86874316 Bitcoin, equivalent to US$118,995.75. Many of the cryptocurrencies in the wallet associated with the website have been transferred, and now only $141 remains there.
Why Twitter accounts are always stolen
On March 16, 2017, a tweet on the official McDonald’s Twitter account “cursing US President Trump” was uploaded on the Internet.
Subsequently, a spokesperson for the McDonald’s Public Relations Department issued a statement saying: “According to the investigation, we determined that the Twitter account was compromised by outsiders. We have quickly implemented protective measures and apologized for this tweet.”
The day before, a number of other high-profile accounts such as news media, executives, and government agencies were stolen on Twitter.
Hacking attacks like this are particularly worrying, not only because of possible financial scams, but also because many global leaders are using Twitter. For example, Trump often announces major policy decisions on Twitter. Hacking into the accounts of these leaders could have devastating consequences.
In 2019, Twitter’s chief executive Jack Dorsey’s account was also hacked, raising concerns about whether there is an account on the platform that can really avoid being hacked. After Jack Dorsey was hacked, Twitter fixed the hacking mechanism. But it seems that it is not enough.
Now, what major government agencies are most concerned about is the security of Twitter accounts.
A senator drafted a letter to Jack Dorsey, questioning whether Twitter had breached the contract in this incident, the possibility of personal data loss, and whether Twitter’s various measures to prevent hacking were in place.
In addition to individual government members, Twitter also faces strict scrutiny by trade regulators and regulatory agencies. At the same time, the BBC also pointed out that if EU regulators find that Twitter is lax in protecting its users, then the social media giant will face huge fines.
In the aftermath of this hacker attack, a big question remains unresolved: Are hackers just for money? Getting the social media accounts of almost all celebrities in the world means that they can temporarily influence the stock market, promote ideas, and even turbulent politics. Even if the temporary use of the account is sold on the black market, it will be a sky-high price. Digital privacy expert Ray Walsh said that these hackers are “either very unimaginative or very restrained.”