Daily Management Review

Twitter’s Own ‘Admin’ Tool Used By Hacker To Spread Cryptocurrency Scam


Twitter’s Own ‘Admin’ Tool Used By Hacker To Spread Cryptocurrency Scam
Access to an “admin” tool on Twitter’s network was allegedly gained by hacker who has been reported to have been behind the spate of Twitter account hacks on Wednesday. According to reports quoting sources with knowledge of the matter, this access allowed the hacker to hijack high-profile Twitter accounts to spread a cryptocurrency scam.
The hack targeted the accounts of some of the most prominent people who are active on the social media platform as well as on leading cryptocurrency sites. At the same time, the hack also targeted some of the well known names from the world of politics and business including those of Bill Gates, Jeff Bezos, Elon Musk and Democratic presidential hopeful Joe Biden.
No details of the hacking were provided by Twitter initially. However, the social media platform later confirmed through a series of tweets that the hacking was the result of “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”
According to a report published by TechCrunch citing sources, a hacker who is known by the code name of “Kirk” — most likely not their real name — generated over $100,000 in the matter of hours by accessing an internal Twitter tool that helped the hacker to take control of popular Twitter accounts.
The associated email addresses of affected accounts were rest set by the hacker with the help of the tool so that owners of accounts were unable to gain control of their accounts. Then, a cryptocurrency scam was pushed at the targets by the hacker while claiming that whatever money in bitcoin is sent by a victim “will be sent back doubled.”
According to the TechCrunch report, access to vanity Twitter accounts, such as usernames that are short, simple and recognizable, was the initial business that the hacker had started out with. That is big business because anywhere between a few hundred dollars or thousands can be made from a single stolen username or social media handle.
It has also been reported that the hacker had reportedly contacted a “trusted” member on OGUsers which is a platform that is often used by traders of hacked social media handles. The hacker depended on the trusted member to help sell the stolen vanity usernames.
TechCrunch reported the hacker saying: “Send me @’s and BTC,” referring to Twitter usernames and cryptocurrency in several screenshots of a Discord chat that had reportedly been shared with TechCrunch.  “And I’ll get ur shit done,” he said, referring to hijacking Twitter accounts.
Reports also claimed that the internal Twitter tool that was accessed by the hacker is apparently used by Twitter employees to control access to a user’s account such as for changing the email associated with the account and can even be used to suspend the user altogether.