Crypto industry leaders provide commentary on the recent Twitter hack.
Twitter Hack: Attackers Gained Access To God Mode
Konstantin Richter, CEO of Blockdaemon, commented:
“Twitter has become one of the most widely used communication tools and sources of breaking news. Looking at who was hacked — famous verified users that are very active on Twitter and the fact that they had two-factor authentication (2FA) enabled, presents questions around defeating 2FA without some kind of access to internal systems. Cryptocurrency scammers that are looking to make cash fast should be a warning beacon to other hackers that could do a lot more damage with more drastic consequences.
It is speculated that the hacker(s) gained access to the so-called “God Mode” system used to administer Twitter accounts on the platform. The access could have been through a platform exploit or a social engineering attack on a Twitter employee. Either way, it’s clear that building secure software systems is a challenge, and developers and system owners need to be hyper aware that the systems they build may be used for malicious intent due to bugs, social engineering hacks or rogue employees. It’s of the utmost importance that these systems have strict access controls and are thoroughly audited for potential vulnerabilities.
Many crypto scams circulate on social channels but are spotted easily because they appear to be spam. Since the industry is still in its infancy, many can be tricked because they want to participate. Since this scam hit a wider audience that may not be as familiar with cryptocurrency through verified Twitter users, it was more believable.
Seeing how widespread and high profile the scam was, the damage was relatively small compared to what kind of chaos could be unleashed. With pending presidential elections less than 4 months away, a pandemic with many unknowns, and tensions increasing in various regions, it is vital that Twitter set up additional security measures, and also publicly share a breakdown of what happened to assure users and prevent it from happening again.
One of the preventative measures Twitter deployed during the hack resolution was restricting the ability to tweet from specific high profile accounts. This action raises the concern that at any point Twitter has the ability to silence an individual account. It once again…