This topic contains 1 reply, has 2 voices, and was last updated by DrinkMoreCodeMore 3 weeks, 6 days ago.
- July 16, 2020 at 2:47 pm #283211
I am a software engineer, not a hacker. Would an attack like today be a long slow spear fishing type gathering of passwords, or is this more likely a fault in Twitter somewhere that allowed mass accounts to be compromised?
- July 16, 2020 at 2:47 pm #283212
The general consensus on infosec Twitter atm is that the attackers gained access to some kind of internal Twitter admin or support portal that allowed them to change account passwords and disable 2FA on any accounts.
Could have been phishing a work-from-home Twitter employee and popping their computer or who knows.
Will be really interesting to see if they release a post-mortum about this hack.
Edit: A new Twitter API was set to be launched tomorrow, https://twitter.com/evantobac/status/1283549129658888193
- July 16, 2020 at 2:47 pm #283213
Twitter admin panel seems the most logical
- July 16, 2020 at 2:47 pm #283214
You must be logged in to reply to this topic.