Jul 18, 2020

Yesterday's Twitter hack may have been just a diversion to some larger hidden mission

When the Twitter accounts were found to be compromised yesterday, the Hacker News forum was abuzz with theories, but the major question bothering everyone was: despite having access to the accounts of some of the most influential and world-renowned people, all they did was pull a cheap bitcoin scam?


The hundred thousand odd dollars earned from the scam (as indicated by BTC transactions pertaining to said addresses) seemed like a pittance in comparison to the value of the influence one might gain by controlling such VIP accounts (however briefly). For example, the DM (Direct Message) records of these VIP accounts alone might easily help those hackers earn a few million bucks without them having to bother pulling any bitcoin shenanigans. Why did they do it then?

And just now, Twitter has posted an update to yesterday's incident on their blog, and HN is again abuzz today! It's because Twitter has revealed something in that post which has sort of confirmed that speculation. It's anybody's guess what their secret or covert mission could have been, but one thing is clear: those VIP accounts tweeting bitcoin messages were NOT the real targets of the hackers. We can say that because Twitter has confirmed in that post:

>> For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account’s information through our “Your Twitter Data” tool.

For only eight accounts, the hackers managed to pull their DMs and other information, and NONE of those eight were the VIP accounts. We can say that because Twitter later confirms that all eight of them were UNVERIFIED accounts.

This has only raised even more questions about the incident as the mystery further intensifies. If the attackers' objective was simply to get hold of the comms of those eight individuals, why didn't they do it quietly without attracting any attention? After all, that's how professional spies operate. The last thing in the spy playbook is advertising their tools and access for the entire world to see!

Another theory is that the bitcoin shenanigans could simply be proof of work? The DMs alone may not have enough marketable value but by displaying their access for the entire world to see, the hackers now have a way of proving that the data theft actually occurred?

But the million dollar question is: Who are those eight "unverified" lesser-known individuals, and why was someone so desperate to lay their hands on their personal data? That might give more pointers in solving this seemingly biggest and most mysterious hack of our times!

1 comment:

New Plato said...

Unverified accounts means they belong to conservatives.
