A Twitter employee collaborated with hackers to take over blue-ticked accounts across the platform on Wednesday, Vice reported, citing two sources from a hacking community responsible for the attack. It also provided leaked screenshots obtained by Vice’s Motherboard allegedly proving the deed.
According to the sources cited by the outlet, the Twitter insider was paid to “literally” do “all the work” for the hackers. The employee could have provided hackers with access to a necessary tool which helped them carry out the attack or simply hijacked the account by himself or herself, Vice said, citing the comments of a Twitter spokesperson.
So far, the Twitter Support team has only publicly stated that: “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
According to Vice, a Twitter spokesperson explained the recent development in relation to a removal of tweets containing screenshots of the panel and details of the users' accounts in an email to Motherboard, by saying that "as per our rules, we're taking action on any private, personal information shared in Tweets".
Twitter has been repeatedly criticised for censoring free speech while banning accounts of prominent conservative figures in the past, including those of James Woods and Alex Jones' Info Wars, while also flagging and deleting posts it claimed didn't comply with the company's rules. Its decision to prevent the spreading of screenshots allegedly illustrating the internal source of the attack on Twitter users was also taken with a pinch of salt.
On Wednesday, a massive hacker attack targeted a number of high-profile verified accounts on Twitter with a bitcoin scam, including those of SpaceX’s Elon Musk, Bill Gates, presumptive Democratic candidate Joe Biden, former US president Barack Obama and many others, as well as such companies as Apple, Gemini and Binance.
Messages calling upon users to send bitcoins to specified addresses to receive “back doubled” appeared on blue-ticked accounts.
While the investigation is still ongoing, the Twitter Support team notified the users that “significant steps to limit access to internal systems and tools” had been taken.
“We have locked accounts that were compromised and will restore access to the original account owner only when we are certain we can do so securely,” it said.
