Twitter’s employees were manipulated into providing access to the social network’s internal systems to attackers, the company has revealed in an update to its investigation into a recent Bitcoin scam, one that affected prominent accounts including Apple.
Published late on Friday, the update
details what Twitter’s security teams believes happened on July 15
, which saw a number of Twitter accounts with high follower accounts post a tweet designed to take Bitcoin payments from the account’s readers.Twitter’s summary of events seemingly confirms early reports
claiming some sort of social engineering was attempted, the microblogging service believes attackers targeted “certain Twitter employees” and was successful with a small number. Credentials acquired via the scheme were then used to access Twitter’s internal systems, including getting through the company’s two-factor protections.
Source: APPLE INSIDER