Last month, three young men were arrested in the United Kingdom and the United States, accused of one of the biggest scams ever suffered by Twitter. They managed to control the account of famous personalities like Joe Biden, Jeff Bezos and Elon Musk through a well known technique.
Long before this security breach became public, dozens of victims suffered the same blow, and in recent weeks a wave of crime has taken off on a grand scale.
In July, Twitter announced that hackers had used a technique called "phone snoop", literally translated "phone sniper", which allowed them to view 130 accounts, including CEOs, politicians and celebrities. Hackers managed to take control of 45 of these accounts, using them to send tweets promoting a pyramid scheme. Bitcoin .
Twitter wrote on your blog about this intrusion, reporting that hackers contacted Twitter employees using false identities to gain access to credentials that gave them access to an internal tool of the company itself that would allow them to reset passwords and authentication settings for multiple accounts.
But Twitter hasn't been the only recent "telephone fishing" target, just in the last month, since the Twitter hack went public, dozens of companies, including banks and web hosting companies, have been targeted by the same attack.
As in the Twitter attack, employees of these targets received phone calls from hackers posing as tech staff to trick them into giving their passwords to internal tools. Attackers then sold that access to others.
These attacks use the so-called social engineering, it exploits security holes in human processes that allow the invasion without even needing as much technical knowledge. Attacks of this size and organization have never been seen before being carried out by independent groups, normally an attack of this magnitude is carried out by specialized groups and even governments, leaving investigators intrigued to discover that everything was orchestrated by a few teenagers around the world.