Centre issues notice to Twitter on Bitcoin hack

New Delhi: The Centre has issued a notice to Twitter in the backdrop of a recent hacking that targeted global high-profile users. Cybersecurity agency CERT-in has asked Twitter for full details of the global hack, the number of Indian users affected, and date impacted, if any, reports said.

The source privy to the development said that CERT-in has also asked Twitter for information about Indian users who have visited the malicious tweets and links, and whether the affected users have been informed by the platform about unauthorised access to their Twitter accounts.

The government has also demanded information of vulnerability exploited by attackers and modus operandi of the attack and sought details of remedial actions taken by Twitter to mitigate the impact of the hacking incident. Several prominent Twitter accounts, including those of former US President Barack Obama,

Tesla CEO Elon Musk and Microsoft co-founder Bill Gates, were hacked on Wednesday apparently to promote a Bitcoin scam in what the microblogging site believes to be a "coordinated social engineering attack." The attackers posted tweets that appeared to promote a cryptocurrency scam. The fake tweets offered to send USD2,000 for every USD1,000 sent to an anonymous Bitcoin address.

The accounts, along with those of Obama, Kanye West, Kim Kardashian West, Warren Buffett, Bezos and Mike Bloomberg, posted similar tweets soliciting donations via Bitcoin to their verified profiles on Wednesday,The posts all included the address of the same bitcoin wallet, which has seen as much as USD112,000 pour into it over the last few hours. Several accounts were blocked across the world for a brief period of time.

In a blog post, Twitter has revealed about its investigation. "At this time, we believe attackers targeted certain Twitter employees through a social engineering scheme. In this context, social engineering is the intentional manipulation of people into performing certain actions and divulging confidential information," it said.

"The attackers successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems, including getting through our two-factor protections. As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets. We are continuing our forensic review of all of the accounts to confirm all actions that may have been taken. In addition, we believe they may have attempted to sell some of the usernames." "For up to eight of the Twitter accounts involved, the attackers took the additional step of downloading the account's information through our "Your Twitter Data" tool. This is a tool that is meant to provide an account owner with a summary of their Twitter account details and activity. We are reaching out directly to any account owner where we know this to be true. None of the eight was verified accounts," the blog read.

Attackers were not able to view previous account passwords, as those are not stored in plain text or available through the tools used in the attack. They were able to view personal information including email addresses and phone numbers, which are displayed to some users of our internal support tools, Twitter said.