Twitter says the hack that compromised the accounts of some of its most high-profile users targeted 130 people. The hackers were able to reset the passwords of 45 of those accounts.

The San Francisco=based company said in a blog post-Saturday that for up to eight of these accounts the attackers also downloaded the account’s information through the “Your Twitter Data” tool. None of the eight were verified accounts, Twitter said, adding that it is contacting the owners of the affected accounts.

“We’re embarrassed, we’re disappointed, and more than anything, we’re sorry. We know that we must work to regain your trust, and we will support all efforts to bring the perpetrators to justice,” Twitter said in the blog post.

The July 17 attack broke into the Twitter accounts of world leaders, celebrities and tech moguls in one of the most high-profile security breaches in recent years. The attackers sent out tweets from the accounts of the public figures, offering to send $2,000 for every $1,000 sent to an anonymous Bitcoin address.

It highlighted a major flaw with the service millions of people have come to rely on as an essential communications tool.

Allison Nixon, chief research officer at cybersecurity firm 221B said in an email Sunday that the people behind the attack appear to have come from the “OG” community, a group interested in original, short Twitter handles such as @a, @b or @c, for instance.

“Based upon what we have seen, the motivation for the most recent Twitter attack is similar to previous incidents we have observed in the OG community — a combination of financial incentive, technical bragging rights, challenge, and disruption,” Nixon wrote. “The OG community is not known to be tied to any nation-state. Rather they are a disorganized crime community with a basic skill set and are a loosely organized group of serial fraudsters.”

While this attack did not appear to go further than the Bitcoin ruse — at least for now — it raises questions about Twitter’s ability to secure its service against election interference and misinformation ahead of the U.S. presidential election.

“Entire markets and potentially elections may be manipulated or altered in this way,” Nixon said. “Victims of account takeovers generally do not know that the fraud has occurred, and generally cannot take security precautions to prevent it.”

source: AP

 

Also Read:

TRAFFIC POLICE INSTRUCTED TO FILE CASES AGAINST THE DRIVERS WHO DON’T FOLLOW THE ODD-EVEN RULE

EMBOSSED NUMBER PLATE REGISTRATION PROCEDURE IN NEPAL

CORONAVIRUS- JACK MA FOUNDATION AND ALIBABA FOUNDATION DONATE MEDICAL SUPPLIES TO 10 MORE ASIAN NATIONS

JACK MA FOUNDATION PUBLISHES HANDBOOK, SHARES CHINA’S EXPERIENCE IN BATTLING COVID-19

NEPAL'S ACTION FOR PREVENTION OF CORONAVIRUS

10% VAT REFUND ON ELECTRIC PAYMENT IN NEPAL

LIST OF LATEST BIKE OFFERS IN NEPAL YOU CAN'T-MISS! 

NEPAL GOVERNMENT WILL PROVIDE A CAPITAL GRANT UPTO RS 5 MILLION TO STARTUPS

A report in AP states that for the first time, Twitter has flagged some of President Donald Trump’s tweets with a fact-check warning.

On Tuesday, Twitter added a warning phrase to two Trump tweets that called mail-in ballots “fraudulent” and predicted that “mailboxes will be robbed,” among other things. Under the tweets, there is now a link reading “Get the facts about mail-in ballots” that guides users to a Twitter “moments” page with fact checks and news stories about Trump’s unsubstantiated claims.

Until now, the president has simply blown past Twitter’s half-hearted attempts to enforce rules intended to promote civility and “healthy” conversation on its most prominent user. Trump frequently amplifies misinformation, spreads abuse and uses his pulpit to personally attack private citizens and public figures alike — all forbidden under Twitter’s official rules.

In a statement, Twitter said Trump’s vote-by-mail tweets “contain potentially misleading information about voting processes and have been labeled to provide additional context around mail-in ballots.”

Trump has never previously faced Twitter sanctions on his account. The husband of a woman who died by accident two decades ago in an office of then-GOP Rep. Joe Scarborough recently demanded that Twitter remove the president’s baseless tweets suggesting that Scarborough, now a fierce Trump critic, killed her. Twitter issued a statement expressing its regret to the husband but so far has taken no action on those tweets.

Over the weekend, the president issued several tweets calling into question the legality of mail-in-ballots. The storm of tweets followed Facebook and Twitter posts from Trump last week that wrongly claimed Michigan’s secretary of state mailed ballots to 7.7 million registered voters. Trump later deleted the tweet and posted an edited version that still threatened to hold up federal funds.

Twitter policy forbids sharing “false or misleading information intended to intimidate or dissuade people from participating in an election or other civic process.” While it has previously flagged tweets conveying misinformation about the COVID-19 pandemic, it has never before put warnings on tweets for any other reason.

Trump replied on Twitter, accusing the platform of “interfering in the 2020 Presidential Election” and insisting that “as president, I will not allow this to happen.” His 2020 campaign manager Brad Parscale said Twitter’s “clear political bias” had led the campaign to pull “all our advertising from Twitter months ago.” Twitter has banned all political advertising since last November.

Trump’s Scarborough tweets offer another example of the president using Twitter to spread misinformation — in this case, about an accidental death that Trump persists in linking to the co-host of MSNBC’s “Morning Joe” show.

“My request is simple: Please delete these tweets,” Timothy J. Klausutis wrote to Twitter CEO Jack Dorsey last week.

The body of Lori Kaye Klausutis, 28, was found in Scarborough’s Fort Walton Beach, Florida, congressional office on July 20, 2001. Trump has repeatedly tried to implicate Scarborough in the death even though Scarborough was in Washington, not Florida, at the time.

There is no mystery to the death of Lori Klausutis. Medical officials ruled that the aide, who had a heart condition and told friends hours earlier that she wasn’t feeling well, had fainted and hit her head. Foul play was not suspected.

Klausutis wrote in his letter that he has struggled to move on with his life due to the ongoing “bile and misinformation” spread about his wife on the platform, most recently by Trump. His wife continues to be the subject of conspiracy theories 20 years after her death.

Klausutis called his wife’s death “the single most painful thing that I have ever had to deal with” and said he feels a marital obligation to protect her memory amid “a constant barrage of falsehoods, half-truths, innuendo and conspiracy theories since the day she died.”

Trump’s tweets violate Twitter’s community rules and terms of service, he said. “An ordinary user like me would be banished,” he wrote.

At Tuesday’s White House briefing, press secretary Kayleigh McEnany repeatedly refused to say why Trump was pressing the unfounded allegations or whether he would stop tweeting about them. Instead, she focused on remarks that Scarborough made about the case that she said were inappropriate and flippant.

Dorsey did not reply directly to Klausutis’ letter and has not taken any action on the president’s tweets. In a statement, Twitter said it was “deeply sorry about the pain these statements, and the attention they are drawing, are causing the family.”

Scarborough has urged the president to stop his baseless attacks.

Also Read:

TRUMP COULD VIOLATE FACE MASK REQUIREMENT ON PLANT TOUR

ZOOM'S CAPITAL PUNISHMENT IN SINGAPORE

OVER 500,000 ZOOM ACCOUNTS SOLD ON HACKER FORUMS, THE DARK WEB

TOP UN OFFICIAL WARNS MALICIOUS EMAILS ON RISE IN PANDEMIC

FACEBOOK AND NETFLIX'S VALUE GOES UP BY MORE THAN 40% DURING COVID-19

Hackers broke into the Twitter accounts of world leaders, celebrities and tech moguls on Wednesday in one of the most high-profile security breaches in recent years, highlighting a major flaw with the service millions of people have come to rely on as an essential communications tool.

The intent of the hack appeared to be to steal money from unsuspecting cryptocurrency enthusiasts — in particular, by using the compromised high-follower accounts to scam people out of Bitcoin. But it also raises questions about Twitter’s ability to secure its service against election interference and misinformation ahead of the U.S. presidential election.

Here are some questions and answers about the breach:

WHAT HAPPENED — AND HOW?

On Wednesday afternoon, the Twitter accounts of famous figures began tweeting similar messages saying they were “feeling generous” and would double any Bitcoin payments sent to an address in the tweet. Among the individual accounts affected were former President Barack Obama, Democratic presidential candidate Joe Biden, tech billionaires like Amazon CEO Jeff Bezos, Microsoft co-founder Bill Gates and Tesla CEO Elon Musk and celebrities such as Kanye West and his wife, Kim Kardashian West.

Companies like Apple and Uber, which respectively have 4.6 million and one million followers, were also affected.

Twitter soon locked down many accounts, including those of its “verified” users with blue check marks next to their names — a group that include many U.S. politicians as well as businesses, celebrities, journalists and news organizations. Twitter called the hack a “coordinated social engineering attack” by unknown people who “targeted” Twitter employees with access to the platform’s internal systems and tools.

The hackers, Twitter said, used this access to take control of many high-profile accounts and masquerade as their owners.

WHAT IS SOCIAL ENGINEERING?

Essentially, social engineering means taking advantage of human nature. Examples include phishing attacks and other ways people can be tricked into giving out compromising information, malware attacks that get people to download malicious software, and compromising people by offering something in return for information. Twitter did not say how its employees were compromised.

COULD THE ATTACK HAVE BEEN PREVENTED?

Twitter said late Wednesday it has taken “significant steps” to limit employees’ access to internal systems and tools while its investigation is ongoing. But this is not the first time Twitter employees have wrecked havoc.

In 2017, a disgruntled employee deactivated President Donald Trump’s account for a few minutes. Last year, U.S. prosecutors charged two former Twitter employees with spying on user data for the government of Saudi Arabia. The incidents raise questions about Twitter’s internal security systems, and whether the company can trust employees with access to sensitive information.

WHAT DOES THE HACK MEAN FOR THE 2020 ELECTION?

The hack might be a simple demonstration of Twitter’s weak security controls as the U.S. heads into the 2020 presidential election, a contest in which social media is already playing a hugely influential role.

Among the political figures targeted, the hack mostly appeared to target Democrats or other figures on the left, drawing comparisons to the 2016 campaign. The White House said that President Donald Trump’s account was secure and wasn’t jeopardized.

U.S. intelligence agencies have established that Russia engaged in coordinated attempts to interfere in the 2016 U.S. election through social media tampering and various hacks, including targeting the campaigns and major party organizations.

While Twitter, Facebook and other social media companies have since tightened their election security systems and policies, malicious actors trying to intervene have also improved their tactics. In other words, if a Bitcoin scam was so easy to pull off, what will prevent an attack on the U.S. election?