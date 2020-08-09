James Martin/CNET



Twitter has reported new data on the cyber attack that suffered on July 15.

The social network said on July 30 through its support blog that the massive attack with which hackers hijacked the accounts of public figures such as Jeff Bezos and Elon Musk and from them tweeted about a bitcoin scam, was the result of an attack of phishing.

In order to carry out the attack, the hackers needed access to the credentials of Twitter employees who had permissions to use account management and support tools. Therefore, the social network explains that the attack was based on a type of scam known as phishing usually in the form of a file or link, usually hidden in the middle of emails, making it difficult for security software to detect them.

“Not all employees who were initially attacked had permissions to use account management tools, but the attackers used their credentials to access our internal systems and obtain information about our processes,” explains Twitter. “This allowed them to target additional employees who had access to our account support tools,” he added.

The platform recently recognized that hackers They also downloaded data from up to eight of the 130 compromised accounts through a social network’s own tool that allows users to download their direct messages, photos, videos, address book, and other data such as demographic and interest information. He also reported that the attackers they were able to access the inboxes of 36 these accounts.

Due to the high profiles of affected users on Twitter, the The FBI recently opened a formal investigation against Twitter for national security concerns. The FBI seems concerned that the vulnerabilities that led to the coordinated attack could be used for more than just a bitcoin scam.

Following the hack, the platform has taken some drastic measures despite denying at all times that passwords have been leaked. The social network reported on July 16 that it took the measure of blocking all users who had changed (or tried to change) their password in the last 30 days.

