Showing posts with label Twitter.

Child Tweets Gibberish from US Nuclear Agency Account

 

An unintelligible tweet sent last weekend from the official account of U.S. Strategic Command, the command responsible for the nation’s nuclear arsenal, left many puzzled. Some joked that the cryptic tweet, “;l;;gmlxzssaw,” was a nuclear launch code; others read it as a message to political conspiracy theorists.

U.S. Strategic Command has since revealed that the young child of the account’s social media manager accidentally tweeted from the official account; the tweet was deleted within minutes. Many suspected an attack on the account of the country’s nuclear command, among them Mikael Thalen, a journalist with the Daily Dot, who filed a Freedom of Information Act (FOIA) request to get answers.

“Filed a FOIA request with U.S. Strategic Command to see if I could learn anything about their gibberish tweet yesterday. Turns out their Twitter manager left his computer unattended, resulting in his ‘very young child’ commandeering the keyboard,” Thalen wrote on his Twitter account. 

“The command’s Twitter manager…momentarily left the command’s Twitter account open and unattended. His very young child took advantage of the situation and started playing with the keys and unfortunately, and unknowingly, posted the tweet. Absolutely nothing nefarious occurred, i.e., no hacking of our Twitter account. The post was discovered and notice to delete it occurred telephonically,” U.S. Strategic Command responded. 

A report by Kaspersky security researchers found that remote workers are more exposed to security lapses, and this incident is a case in point: the risk here was not an external attacker but an unlocked, unattended session on a privileged account, the kind of lapse that a screen lock and a short idle timeout exist to prevent. “Lockdown has been a stressful time for everyone…without additional support from young employers, young people and caregivers could continue to deviate further from pre-set and learned IT security rules, exposing their companies to further increased security risk,” said Margaret Cunningham, principal researcher at Forcepoint.

Cybercriminals are Using Twitter as a Doorway to Target Indonesian Banks

 

Group-IB, a global threat hunting firm, has discovered traces of an ongoing phishing campaign against Indonesia’s largest banks that cybercriminals run on Twitter, with the ultimate goal of stealing bank customers’ money. To lure victims, the attackers pose as bank representatives or customer support staff on Twitter.

The threat actors started the campaign in January and it has grown rapidly since: 1,600 fake Twitter accounts now impersonate banks, up from 600 in January. Security researchers have found evidence that at least seven prominent Indonesian banks have been targeted.

Over two million Indonesian bank customers are potentially affected, specifically those who interact with the legitimate bank handles on Twitter. The fraud has been on Group-IB’s radar since December 2020. Only a limited number of cases were detected then, but over the past three months the scheme has expanded tremendously, from 600 fake Twitter accounts to 1,600.

The methodology used by cybercriminals 

The cybercriminals pick their targets when a bank customer asks a question or leaves feedback on the bank’s official page. The customer is then promptly contacted by scammers using fake Twitter accounts whose profile photo, header, and description copy those of the real bank.

The next step is to move the conversation to Telegram or WhatsApp. The scammers then send the victim a link and ask them to log in there to file a complaint that will supposedly resolve their problem. The link leads to a phishing site that mirrors the bank’s official website, where victims enter their online banking credentials: username, email, and password. The hand-off itself is the tell: a bank’s real support staff do not move a public thread to a messaging app and then ask for login details.
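As an added illustration of how a digital-risk team might triage the replies appearing under a bank’s Twitter threads against the playbook described above, here is example code written for this page, not Group-IB’s or any bank’s tooling; the official handles, brand tokens, keyword lists and sample replies are all constructed:

```python
"""Triage replies in a bank's Twitter threads for impersonation (constructed example)."""
import unicodedata
from dataclasses import dataclass
from typing import Dict, List

# Constructed: the bank's real handles and the brand string only it may use.
OFFICIAL_HANDLES = {"examplebank", "examplebankcare"}
BRAND_TOKENS = ("examplebank",)

# Characters scammers swap in to register a near-identical handle.
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "_": "", "-": "", ".": ""}

# Phrases that move the victim off the public thread, the first step of the scheme.
OFF_PLATFORM = ("whatsapp", "wa.me", "telegram", "t.me", "dm me")


def normalize(name: str) -> str:
    """Lower-case, drop accents/symbols/whitespace and fold confusable characters."""
    ascii_only = (unicodedata.normalize("NFKD", name.lstrip("@"))
                  .encode("ascii", "ignore").decode().lower())
    return "".join(CONFUSABLES.get(c, c) for c in ascii_only if not c.isspace())


def levenshtein(a: str, b: str) -> int:
    """Edit distance, so 'exampiebankcare' (capital I for l) scores 1 from the real handle."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


@dataclass
class Reply:
    handle: str
    display_name: str
    text: str


def classify(reply: Reply) -> str:
    """'official', 'impersonation', 'suspicious' or 'ok' for one reply in a bank thread."""
    if reply.handle.lstrip("@").lower() in OFFICIAL_HANDLES:
        return "official"
    handle = normalize(reply.handle)
    # A handle within two edits of a real one (after folding confusables) is a look-alike.
    if any(levenshtein(handle, real) <= 2 for real in OFFICIAL_HANDLES):
        return "impersonation"
    # So is a display name that carries the brand while the handle is not the bank's.
    if any(token in normalize(reply.display_name) for token in BRAND_TOKENS):
        return "impersonation"
    # Not claiming to be the bank, but steering the customer to a private channel.
    if any(phrase in reply.text.lower() for phrase in OFF_PLATFORM):
        return "suspicious"
    return "ok"


def triage(replies: List[Reply]) -> Dict[str, str]:
    """Map each reply's handle to its classification."""
    return {r.handle: classify(r) for r in replies}


# Constructed sample replies under a customer's complaint on the bank's official thread.
SAMPLE_REPLIES = [
    Reply("@ExampleBankCare", "Example Bank Care",
          "Hi Budi, sorry to hear that. Please DM us your registered phone number."),
    Reply("@ExampleBank_Care", "Example Bank Care \u2714",
          "Hello sir, for fast service please contact our officer on WhatsApp 0812xxxx."),
    Reply("@ExampIeBankCare", "Example Bank Care",
          "Your complaint has been escalated. Continue via t.me/examplebank_cs"),
    Reply("@CS0fficialBank", "Example Bank Customer Service",
          "Kindly chat our Telegram for the complaint form."),
    Reply("@budi_santoso", "Budi",
          "Same thing happened to me last week, calling the branch fixed it."),
    Reply("@helpful_stranger", "Rina",
          "DM me on WhatsApp, I know someone inside who can help."),
]

if __name__ == "__main__":
    for handle, verdict in triage(SAMPLE_REPLIES).items():
        print(f"{handle:20} {verdict}")
```

The exact-handle check runs on the raw handle and the look-alike check on the folded one, so an underscore or a digit-for-letter swap cannot turn an impersonator into an "official" match.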

“The case with the Indonesian banks shows that scammers have managed to solve one of the major challenges of any attack – the issue of trapping victims into their scheme. Instead of trying to trick their potential victims into some third-party website, cybercriminals came to the honey hole themselves. The campaign is consistent with a continuous trend toward the multistage scams, which helps fraudsters lull their victims,” Ilia Rozhnov, Group-IB head of Digital Risk Protection in APAC, stated.

Twitter Ads used by Scammers to Promote Fake Cryptocurrency

 

Twitter users should be wary of promoted tweets pushing cryptocurrency giveaways. Twitter lets users "promote" an existing tweet, paying to have it shown to other users and followers. Scammers are now promoting tweets from compromised verified accounts that advertise bogus cryptocurrency giveaways in the name of well-known individuals and companies such as Elon Musk's Tesla, the Gemini exchange, Chamath Palihapitiya, and Social Capital. The threat actors have been remarkably successful: one round of attacks raised over $580,000 in a single week.

Anyone who sees a giveaway message apparently from Tesla, Elon Musk, the Gemini exchange, Chamath Palihapitiya, Social Capital, or any other well-known individual or company should stay well away from it: the handles are compromised and the giveaway is a scam.

Since Bitcoin-themed giveaways keep bringing in thousands of dollars, the threat actors have begun to use other popular cryptocurrencies as well, including Dogecoin. Dogecoin was created by software engineers Billy Markus and Jackson Palmer, who wanted to build an instant, fun payment system free of conventional banking fees; its name and logo come from the Shiba Inu dog of the "Doge" meme.

Security researchers including Zseano, Jake, and MalwareHunterTeam have identified a new technique that cryptocurrency fraudsters use to get their scam tweets promoted.

The technique relies on splitting up the URLs in the promoted tweets so that Twitter's advertising fraud checks do not recognise them. The links take users to fake landing pages themed on Social Capital, Tesla, Gemini, and the like, which in turn lead to further sites built around Tesla or Elon Musk that display a Bitcoin, Dogecoin, or Ethereum address. Users are told that any coins they send to the address will be returned in a larger amount; nothing is ever sent back.

From only some of the addresses tied to these scams, $39,628.06 has been collected so far in Bitcoin and Ethereum; the scammers use several more addresses, so the real total is significantly higher. An app's presence in an app store does not mean it is safe, either: a fake "Trezor" application recently appeared in Apple's App Store and turned out to be a phishing tool for harvesting passwords and private keys.

Russian authorities slow access to Twitter over banned content

The Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) accused Twitter of numerous violations and of failing to remove prohibited information. On March 10, access to the social network in Russia began to be throttled.

Russian parliamentarians supported Roskomnadzor's decision to slow down Twitter.

Earlier, the agency's press service said it would reduce the speed of the social network on all mobile devices. The decision was prompted by the Twitter administration's reluctance to block illegal content, including calls to suicide, child pornography and information about drugs. Roskomnadzor did not rule out a complete block of the service if nothing changes.

The Kremlin considered Roskomnadzor's claims to the social network justified and called on the company to comply with the requirements of Russian legislation.

According to State Duma deputy Anton Gorelkin, the state has no tools left to influence the violator other than tough measures.

"It is impossible to ignore the fact that Twitter acts in Russia as an instrument of political manipulation of public opinion, blocks the Russian media. At the same time, it continues to earn money in our country," he wrote in his Telegram channel.

The parliamentarian explained that slowing down the service is a way to hit the company's commercial profit, which it prioritizes. Gorelkin expressed hope that the new measures will prove more effective than "modest Russian fines."

Alexander Khinshtein, head of the State Duma Committee on Information Policy, called the agency's actions adequate. In his words, "it is impossible to look further and put up" with Twitter's policy.

Senator Alexander Bashkin believes that the decision of Roskomnadzor will serve as a "sobering shower" for other social networks that do not comply with the requirements of Russian legislation. In his opinion, Twitter has long been "a weapon that is used not only against Russia but also against freedom of speech, information and democratic foundations."

Vladimir Dzhabarov, first deputy chairman of the Federation Council Committee on International Affairs, warned that other platforms may face retaliatory measures, up to and including closure, in the event of serious violations.

Earlier, E Hacking News reported that, according to Russian Foreign Ministry spokeswoman Maria Zakharova, Western Internet giants (such as Facebook, Twitter, and Google) "operate in our environment, but at the same time they often do not obey any Russian laws."

Earlier, Twitch, Twitter, Facebook, YouTube and Instagram had blocked Trump's accounts for varying periods over his statements about the January 6 riots in Washington.


Bitcoin Scammers Tricked People by Using Elon Musk’s Name

 

The security research group MalwareHunterTeam exposed a cryptocurrency scam targeting Twitter users in the name of Tesla CEO Elon Musk. The scammers hijacked verified Twitter accounts, changed the display name to ‘Elon Musk’, and replied to tweets from the real Elon Musk.

The scammers tricked Twitter users into sending cryptocurrency with the promise of receiving a much larger amount back. The threat actors made $587,000 in bitcoin through the fake Elon Musk giveaway.

MalwareHunterTeam said the scammers mostly hijacked dormant accounts: “big % but not all. At least 2-3 was active within a few weeks to few days, of those one looked possible the last activities were not from the original owner but of course couldn’t verify”. This is not the first time scammers have tricked Twitter users with an Elon Musk giveaway; in 2018 they made $180,000 running an Elon Musk giveaway promotion.

Data compiled by the cybersecurity firm Adaptiv in June 2020 showed that Bitcoin scammers had made nearly $2 million over two months and, unsurprisingly, were using Elon Musk’s name. Musk commented on the scams in February 2020: “the crypto scam level on Twitter is reaching new levels, this is not cool”.

The threat actors went after already verified accounts, taking advantage of the fact that Twitter had suspended account verification in July after the company itself was hit by a major cryptocurrency scam.

Ransomware Attack Takes Down Massive Food-Supply Chain Providing Distribution of Temperature-Sensitive COVID-19 Vaccines

 

A company whose cold-storage capacity is integral to the U.S. food-supply chain and to Coronavirus vaccine distribution has confirmed a cyberattack affecting its operations, according to a filing with the Securities and Exchange Commission (SEC).

Americold is by far the largest cold-storage provider in the U.S.; it operates 183 temperature-controlled warehouses worldwide, including in Argentina, Australia, Canada, and New Zealand, and has just acquired a similar company in Europe.

For a sense of scale, it holds the contract that links the food-producing giant ConAgra to supermarkets and consumers.

The attack appears to have all the earmarks of a ransomware incident that began on Nov. 16 and also affected the company's phone systems, email, inventory management, and order fulfillment, according to reports on Twitter.

The filing with the SEC was brief and read that: “As a precautionary measure, the company took immediate steps to help contain the incident and implemented business continuity plans, where appropriate, to continue ongoing operations… Security, in all its forms, remains a top priority at Americold, and the company will continue to seek to take all appropriate measures to further safeguard the integrity of its information technology infrastructure, data and customer information.” 

Researchers believe the attack was likely highly targeted and carefully planned.

Chloé Messdaghi, Vice President of strategy at Point3 Security, said by means of email, “Human-operated ransomware attacks begin with trojans or other exploits against unsophisticated vectors. Once a way in is found, malware is planted and privileges are elevated. These attacks often exfiltrate data before encrypting files and the attacks are drawn out, with months of potential compromise adding to the potential harms that can result.” 

She added, “That’s why these types of attacks pose a greater threat than automated attacks such as WannaCry or NotPetya – they’re intentional and secretive.”

Importantly, Americold has reportedly also been in discussions about providing storage and transport for the distribution of temperature-sensitive Coronavirus vaccines.

Andrea Carcano, co-founder of Nozomi Networks, said by email, “The attack against Americold highlights a concerning trend of attackers targeting larger and more critical organizations, these threats should be a wake-up call for security professionals responsible for keeping not only IT, but operational technology (OT) and internet of things (IoT) networks safe. In the manufacturing business, time is money, so the disruption of IT services as well as manufacturing downtime and shipment delays, translates to lost revenue.”

Google Drive Notifications Used to Send Malicious Links to Hundreds of Thousands of Users

 

Cybercriminals have turned to a legitimate Google Drive collaboration feature to trick users into clicking malicious links.

According to recent reports, the attacks abuse Google Drive's collaboration feature, which lets users generate push notifications or emails inviting others to work on a Google document. Attackers use it to send mobile users Google Drive notifications inviting them to collaborate on documents that contain malicious links.

Because they are sent through Google Drive, the notifications come from Google's genuine no-reply email address, which makes them look legitimate; the sender cannot be used to tell them apart from real share invitations, so the document contents and the link destination are what need checking. Other variants of the attack arrive by email rather than by notification and put the malicious link directly in the email. The Google Drive notifications use a variety of lures.

Many purport to be "personal notifications" from Google Drive. One, titled "Personal Notification No 8482", tells the victim they haven't signed into their account for some time and threatens that the account will be deleted within 24 hours unless they sign in via a (malicious) link. Another, "Personal Notification No 0684," tells users they have an "important notice" about a financial transaction that they can view in their account via a link.

The attack has targeted a very large number of Google users, according to WIRED, which reported that the notifications are being sent in Russian or broken English.

The links take victims to scam websites. WIRED reported that one such site flooded users with notifications to click links for "prize draws," while others asked victims to click links to "check their bank account."

Targeted users took to Twitter to warn others about the scam; one user said that 'the only red flag' was that he wasn't expecting a shared doc.

 


With working from home now widespread because of the Covid pandemic, attackers are increasingly abusing collaboration and remote-work tools, including Google's.

A Google spokesperson told WIRED that the company is working on new security measures and is actively improving its detection of Google Drive spam.

US President’s Twitter Account Hacked; The Ethical Hacker ‘Guessed’ The Password

 

According to Dutch media reports, US President Donald Trump's Twitter account was accessed after a Dutch researcher correctly guessed the president's password: "maga2020!"

De Volkskrant, a Dutch daily newspaper, reported that ethical hacker and security researcher Victor Gevers was able to read Trump's direct messages, post tweets in his name and even change his profile.

A Twitter spokesperson however has denied this hack, in a statement, they stated, "We’ve seen no evidence to corroborate this claim, including from the article published in the Netherlands today. We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government." 

Jack Mannino, CEO at nVisium, a Falls Church, Virginia-based application security provider, explains, “A security-savvy team would assume that these controls were important and would likely opt to use a strong password as well as MFA to reduce the likelihood of account takeover attacks. However, in the event users of the account opted for convenience over safety, it is not Twitter's responsibility to force people to pick strong passwords or to implement the security features they offer to users. Twitter's job is to offer a secure platform and strong security features, which they do. If people are unable to convince the President to wear a mask during a pandemic, it's unlikely they could force him to use a strong password.” 

Access to Trump's account would have put Gevers in front of all of the president's followers, roughly 87 million users, according to De Volkskrant.

He had made several attempts before hitting on the correct password. “I expected to be blocked after four failed attempts. Or at least would be asked to provide additional information,” he said.

Gevers told De Volkskrant that the president was not using basic safeguards such as multi-factor authentication.
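As an added illustration of the two controls Gevers says were missing, an attempt limiter that locks the account on the fourth failure and a mandatory one-time-code step, here is example code written for this page; it is not Twitter’s login logic, and the account record, the password (the one reported in the story), the TOTP secret and the clock are all constructed:

```python
"""Failed-login throttling with account lockout and a TOTP second factor (constructed example)."""
import hashlib
import hmac
import time
from typing import Callable, Dict, List, Optional, Tuple

MAX_FAILURES = 4            # the fourth failed attempt locks the account
FAILURE_WINDOW = 10 * 60    # seconds over which failures are counted
LOCKOUT_SECONDS = 15 * 60   # how long the lock lasts
PBKDF2_ROUNDS = 50_000      # kept modest so the demo runs quickly


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-SHA256; the store never holds the plaintext password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, then dynamic truncation."""
    digest = hmac.new(secret, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = int.from_bytes(digest[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP over the current 30-second time step."""
    return hotp(secret, int(unix_time) // step, digits)


class LoginGuard:
    """Password check with per-account lockout; MFA is mandatory for enrolled accounts."""

    def __init__(self, users: Dict[str, Tuple[bytes, bytes]], mfa_secrets: Dict[str, bytes],
                 clock: Callable[[], float] = time.time):
        self._users = users            # name -> (salt, pbkdf2 hash)
        self._mfa = mfa_secrets        # name -> TOTP secret
        self._clock = clock
        self._failures: Dict[str, List[float]] = {}
        self._locked_until: Dict[str, float] = {}

    def _fail(self, name: str, recent: List[float], now: float) -> str:
        recent.append(now)
        self._failures[name] = recent
        if len(recent) >= MAX_FAILURES:
            self._locked_until[name] = now + LOCKOUT_SECONDS
            return "locked"
        return "denied"

    def attempt(self, name: str, password: str, otp: Optional[str] = None) -> str:
        now = self._clock()
        if now < self._locked_until.get(name, 0.0):
            return "locked"            # nothing is checked while locked, not even a correct password
        recent = [t for t in self._failures.get(name, []) if now - t < FAILURE_WINDOW]
        # Unknown names get a dummy record so timing and lockout look the same (no user enumeration).
        salt, stored = self._users.get(name, (b"\0" * 16, b"\0" * 32))
        if name not in self._users or not hmac.compare_digest(hash_password(password, salt), stored):
            return self._fail(name, recent, now)
        if name in self._mfa:
            if otp is None:
                return "mfa_required"
            if not hmac.compare_digest(totp(self._mfa[name], now), otp):
                return self._fail(name, recent, now)   # OTP guesses burn the same budget
        self._failures.pop(name, None)
        return "ok"


class FakeClock:
    """Controllable clock so the lockout window can be stepped through deterministically."""

    def __init__(self, start: float = 1_600_000_000.0):
        self.now = start

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


# Constructed sample data.
SALT = b"constructed-salt"
USERS = {"potus": (SALT, hash_password("maga2020!", SALT))}
MFA_SECRETS = {"potus": b"12345678901234567890"}   # RFC 6238 test-vector secret


def demo() -> List[str]:
    """Replay a guessing session against the guard and return the outcome of each attempt."""
    clock = FakeClock()
    guard = LoginGuard(USERS, MFA_SECRETS, clock)
    outcomes = [guard.attempt("potus", g) for g in ("maga2020", "MAGA2020", "trump2020", "maga2021!")]
    outcomes.append(guard.attempt("potus", "maga2020!"))       # right password, but the account is locked
    clock.advance(LOCKOUT_SECONDS + 1)
    outcomes.append(guard.attempt("potus", "maga2020!"))       # lock expired; password alone is not enough
    outcomes.append(guard.attempt("potus", "maga2020!", totp(MFA_SECRETS["potus"], clock())))
    return outcomes


if __name__ == "__main__":
    print(demo())
```

The point of the replay is the fifth attempt: once the lock is in place, even the correct password is refused until the window expires, and after that the password alone only gets the caller to the "mfa_required" step.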

According to the report, Gevers tried urgently to reach Trump's team to warn them, which proved nearly impossible. Notably, Gevers and two other Dutch ethical hackers had also got into Trump's account about four years earlier.

At that time Trump's password was "your fired", which, according to VN, was his catchphrase from The Apprentice, the reality television show that brought him much of his fame before his election.

Twitter and Facebook CEOs asked to testify on election and content moderation before the US Senate

 

The US Senate Judiciary Committee has called the CEOs of Twitter and Facebook to testify about the “platforms’ censorship and suppression of New York Post articles” and about their role in the election.
After voting to move forward with a pair of subpoenas, the committee agreed that Twitter's Jack Dorsey and Facebook’s Mark Zuckerberg will appear before the Senate on November 17, two weeks after the US elections. The committee, led by Republican South Carolina Senator Lindsey Graham, set the agenda of the day as “platforms’ censorship and suppression of New York Post articles.”

The New York Post article in question, which the platforms restricted, was about Hunter Biden, son of Democratic presidential nominee and former Vice President Joe Biden. It claimed that Hunter Biden arranged a meeting between Joe Biden and an executive at the Ukrainian energy company Burisma in April 2015. Many described it as a typical "right-wing agenda" piece built on hacked material and personal emails.

Twitter prevented its users from posting links to the article. 

According to a press release, the senators will also question the two CEOs about their platforms' handling of the election. Republicans intend to press them on their treatment of the New York Post story and of the hacked material and messages taken from Hunter Biden.

The Republicans also intend to raise recent claims of anti-conservative political bias in the two platforms' policy decisions. Democrats, too, want to question content moderation on the platforms: "While Republicans on the Senate committee led the decision to pressure Zuckerberg and Dorsey into testifying, the committee’s Democrats, who sat out the vote on the subpoenas, will likely bring to the table their questions about content moderation, as well," TechCrunch reports.

Twitter Rolls Out New Feature that Lets Users Limit Replies



In an attempt to make conversations more effective and meaningful, Twitter has rolled out a feature that gives users more control over who shows up in their mentions. It lets users cut spam out of their conversations by limiting who can reply to their Tweets.

The feature had a brief beta run before its global launch on 11th August for Android and iOS. It is now available in the Twitter app on both platforms and on the web at twitter.com.

How the feature works


When composing a tweet, you will see a small globe icon at the bottom; tapping it shows three options for who can reply. If you choose nothing, the default applies and anyone can reply; otherwise you can limit replies to the people you mention in the tweet, or to the people you follow.

After selecting the preferred option, you are all set to compose your tweet and click on the 'Tweet' tab to publish it. One important thing to note here is that once the tweet is posted, you won't be able to change the reply settings for that particular tweet.

Note that people who are blocked from replying will see a greyed-out reply icon, but they can still view and share the tweet: they can Retweet, Retweet with Comment, and like it.

The feedback received by the users has been positive so far, indicating that users have felt more comfortable and guarded against abuse, trolls, and spam.

According to a blog post by Director of Product Management Suzanne Xie, for every potentially abusive Retweet with Comment the settings add, they prevent about three potentially abusive replies.


"Since your Tweet = your space, we've been testing new settings to give people more control over the conversations they start. Sometimes people are more comfortable talking about what's happening when they can choose who can reply. We've seen people use these settings to have conversations that weren't really possible before. Starting today, everyone will be able to use these settings so unwanted replies don't get in the way of meaningful conversations," Xie further said in a statement.

Twitter Hack: Three Arrested in the Bitcoin Scam


Graham Clark, a resident of Tampa, Florida, has been arrested on charges of involvement in July’s Twitter hack, which targeted the handles of famous figures including SpaceX and Tesla CEO Elon Musk and former US President Barack Obama, to name a few. The other two suspects, charged by federal prosecutors in California, are Nima “Rolex” Fazeli of Orlando and Mason “Chaewon” Sheppard of Bognor Regis, U.K.

The three allegedly ran a scheme in which they hijacked the Twitter accounts of public figures and posted tweets advertising a bitcoin scam from those high-profile accounts. To get at Twitter's internal support tools and the accounts, Clark compromised a Twitter employee and used that employee's credentials. After gaining access to 130 accounts belonging to politicians and celebrities, he tweeted scam messages from 45, accessed the direct-message inboxes of 36, and downloaded the Twitter data of 7. The three reportedly made about $120,000 worth of bitcoin from the scam.

Among the affected accounts were Amazon’s founder, Jeff Bezos, Microsoft’s CEO Bill Gates, Kim Kardashian West and Joe Biden.

The investigation, led by the FBI with the Secret Service and the IRS, identified 17-year-old Graham Clark, a recent high-school graduate, as the mastermind of the sophisticated incident; he will be prosecuted by the Hillsborough County State Attorney's Office.

Sheppard, charged with conspiracy to commit wire fraud, conspiracy to commit money laundering, and aiding the mastermind in orchestrating the attack, faces a maximum of 45 years in prison.

In a video news conference, State Attorney Andrew Warren said, "I want to congratulate our federal law enforcement partners, the US Attorney’s Office for the Northern District of California, the FBI, the IRS, the US Secret Service, and the Florida Department of Law enforcement. These partners worked extremely quickly to investigate and identify the perpetrators of this sophisticated and extensive fraud."

"This defendant lives here in Tampa, he committed the crimes here, and he’ll be prosecuted here,"

"The State Attorney's Office is handling this prosecution rather than federal prosecutors because Florida law allows for us greater flexibility to charge a minor as an adult in a financial fraud case like this." He added.

Twitter, for its part, said: "We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses.

"For our part, we are focused on being transparent and providing updates regularly."

Florida Teen Responsible for Hijacking High Profile Twitter Accounts Arrested, Faces 30 Felony Charges


US authorities said at a press conference on Friday that they had arrested the main suspect and charged two others over the major Twitter hack earlier this month. The main suspect is Graham Ivan Clark, a 17-year-old from Tampa, Florida. WFLA-TV, the Florida station that first reported the story, said it was Clark who had been arrested over the attack. The arrest was the result of a national effort involving the IRS, the Secret Service, the FBI, and the DOJ.


Andrew Warren, State Attorney for Hillsborough County, charged Clark over the 15th July Twitter incident, alleging that he was the "mastermind" of the attack in which the suspects hijacked numerous high-profile Twitter accounts and used them to tweet a fake cryptocurrency giveaway. The hijacked accounts included those of Joe Biden, Barack Obama, Bill Gates, Kanye West, Elon Musk, Apple, Jeff Bezos, Uber, Michael Bloomberg, Kim Kardashian, and many others. According to officials, the hack brought Clark $100,000 worth of bitcoin within a day.

Clark now faces 30 felony charges, including:

  • Organized fraud
  • Communications fraud
  • Fraudulent use of personal information
  • Accessing a computer or electronic device without authority


The charges were announced in a livestream by the Hillsborough State Attorney. Warren did not initially say whether Clark had accomplices. After the press conference it emerged that two other suspects had been working with Clark: Mason Sheppard, 19, alias "Chaewon," and Nima Fazeli, 22, alias "Rolex." The arrest came just after Twitter published its own report on the 15th July hack.

Some of the key points in that report:

  • The incident took place on 15th July 2020
  • To reach Twitter employees' accounts, the hackers used a phone-based social engineering scheme; they reportedly also got into Slack accounts and obtained credentials from there (not yet confirmed)
  • The hackers got past two-factor authentication; the report does not say whether this was on backend accounts or Slack accounts
  • The hackers then used Twitter's support tools to take control of accounts
  • 130 accounts were breached
  • The hackers also tried to sell some of the high-profile Twitter handles

Recent Twitter hack raises security concerns and damages the platform's credibility


The recent hack on Twitter has left security researchers and others worried about the platform's credibility, especially ahead of the upcoming US presidential election, and about how catastrophic a hack like this could be were it to happen during the election.

Late Wednesday, a number of Twitter's verified accounts were hacked, including those of former president Barack Obama, Democratic presidential candidate Joe Biden, actress Kim Kardashian, Microsoft co-founder Bill Gates, Amazon CEO Jeff Bezos, and Tesla CEO Elon Musk. The hackers obtained employee login credentials and used them to hijack the accounts.

The company tweeted, “We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.” And "used this access to take control of many highly-visible (including verified) accounts and Tweet on their behalf.” 

This raises the concern that the platform itself was compromised: the accounts were not taken over from the user side but through Twitter's own internal systems.

Adam Conner, vice president for technology policy at the Center for American Progress, tweeted, “This is bad on July 15 but would be infinitely worse on November 3rd.” Twitter is a key platform for political discourse and often serves as a news source; a similar takeover of, say, Donald Trump's account on or near the November 3 presidential election would be cataclysmic.

“If the hackers do have access to the backend of Twitter, or direct database access, there is nothing potentially stopping them from pilfering data in addition to using this tweet-scam as a distraction,” said Michael Borohovski, Director at Synopsys.

The hack has damaged Twitter's reputation; it is not the first attack on the platform, but it is certainly the worst so far. Dan Guido, CEO of security company Trail of Bits, said of the response: “Twitter’s response to this hack was astonishing. It’s the middle of the day in San Francisco, and it takes them five hours to get a handle on the incident".

The hijacked accounts tweeted a promise to double any money sent to them in Bitcoin. By Wednesday evening, 400 transfers worth $120,000 had been made.

Twitter Data Breach: Apology Sent to Potentially Affected Business Clients


Cyberspace has reportedly seen a fivefold increase in malicious attacks since the spread of the coronavirus pandemic. This is primarily because people have been distracted by the threat posed by the virus, and cybercriminals are not missing any chance to capitalize on the adversity. Another factor driving the crisis is that IT has become the backbone of organizations as more and more employees work remotely. Against this background, Twitter has become the latest victim, with officials apologizing for a breach of business data.

Attackers have yet again gained access to personal details of Twitter users following a data breach that led the social media company to apologize to its business clients and other users. The allegedly compromised data includes highly sensitive information about the company's business clients, i.e., their phone numbers, email addresses, and the last four digits of their credit card numbers.

Confirming the data breach to TechCrunch, a Twitter spokesperson said that when billing information on ads.twitter.com or analytics.twitter.com was viewed, some of the details were being stored in the browser's cache.

Twitter itself warned users of the data breach by sending emails to its business clients, acknowledging and appreciating the trust users place in the company and delivering a sincere apology for the security incident that might have led to a possible data breach.

"We're very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day," the email read.

"We are writing to let you know of a data security incident that may have involved your personal information on ads.twitter and analytics.twitter," Twitter said in a message to its potentially affected customers.

"We became aware of an issue that meant that prior to May 20, 2020, if you viewed your billing information on ads.twitter or analytics.twitter the billing information may have been stored in the browser's cache."

The issue was fixed as soon as it came to the company's notice, and Twitter also ensured that clients who were likely to be affected by the breach were made fully aware of it and given all the necessary information on how to keep themselves secure.
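The incident above comes down to HTTP caching: a page carrying billing details was served without headers that forbid the browser from storing a copy. The following is an added example (not Twitter's code, and the header sets are constructed for illustration) that parses a response's Cache-Control header and reports every way a sensitive response could end up in a browser or shared cache. The second header set is the hardened form a billing page should send.

```python
"""Audit the caching headers of an HTTP response that carries sensitive data.

Added example, not Twitter's code. The header dictionaries at the bottom are
constructed samples; the check itself follows the standard semantics of the
Cache-Control, Pragma and Expires headers.
"""

from typing import Dict, List


def parse_cache_control(value: str) -> Dict[str, str]:
    """Split a Cache-Control header into {directive: argument}.

    Directive names are case-insensitive, so they are lower-cased; a bare
    directive such as `no-store` maps to an empty string.
    """
    directives: Dict[str, str] = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"')
    return directives


def caching_findings(headers: Dict[str, str]) -> List[str]:
    """Return the problems that would let a cache keep a sensitive response.

    An empty list means no browser or intermediary cache is permitted to
    store the body. Header names are matched case-insensitively.
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    cc = parse_cache_control(lowered.get("cache-control", ""))
    findings: List[str] = []

    # no-store is the only directive that forbids writing the body to disk at all.
    if "no-store" not in cc:
        findings.append("Cache-Control lacks no-store: the browser may write the body to its disk cache")
    # Without no-store or private, proxies and CDNs may keep a copy as well.
    if "private" not in cc and "no-store" not in cc:
        findings.append("response may also be stored by shared (proxy/CDN) caches")
    # A positive max-age explicitly allows reuse without revalidation.
    if "max-age" in cc and cc["max-age"] != "0":
        findings.append(f"max-age={cc['max-age']} explicitly permits reuse")
    if "public" in cc:
        findings.append("Cache-Control: public marks the response as shareable")
    # Pragma: no-cache only matters for HTTP/1.0 intermediaries, but costs nothing.
    if lowered.get("pragma", "").lower() != "no-cache":
        findings.append("Pragma: no-cache missing (only matters for HTTP/1.0 intermediaries)")
    return findings


# Constructed sample: a billing page that a browser is allowed to cache for ten minutes.
WEAK_HEADERS = {
    "Content-Type": "text/html; charset=utf-8",
    "Cache-Control": "private, max-age=600",
}

# Constructed sample: the hardened header set for any page showing card or contact data.
HARDENED_HEADERS = {
    "Content-Type": "text/html; charset=utf-8",
    "Cache-Control": "no-store, no-cache, must-revalidate, max-age=0",
    "Pragma": "no-cache",
    "Expires": "0",
}


if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK_HEADERS), ("hardened", HARDENED_HEADERS)):
        print(label, caching_findings(hdrs) or "OK")
```

`private` is the directive developers most often reach for, but it only keeps shared caches out; the user's own browser may still write the page to disk, which is exactly the failure described in Twitter's notice. Only `no-store` prevents that.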

Facebook Sues Data Analytics Firm for Improperly Harvesting User Data


On Thursday, Facebook filed a federal lawsuit in a California court against OneAudience, a New Jersey-based marketing firm mainly involved in data analytics. The social media giant claimed that the firm was paying app developers to secretly harvest its users' data by having a malicious software development kit (SDK) installed in their apps. According to the court documents, the SDK was planted in various gaming, shopping, and utility apps available for download from the Google Play Store.

A software development kit (SDK) is a downloadable collection of software development tools used to build applications. It contains the basic tools a developer needs to build a platform-specific app quickly. In other words, SDKs are what mobile applications are typically built with. These packages have their drawbacks too: they can also contain components such as trackers that collect information about devices and app usage and send it back to the SDK maker.

Facebook alleged in the lawsuit that OneAudience blatantly misused the "Login with Facebook" feature to obtain unauthorized access to sensitive user data without any permissions. OneAudience has also been accused of paying apps for access to users' Twitter and Google data when they logged into the infected apps using those accounts.

"With respect to Facebook, OneAudience used the malicious SDK – without authorization from Facebook – to access and obtain a user's name, email address, locale (i.e. the country that the user logged in from), time zone, Facebook ID, and, in limited instances, gender," Facebook remarked.

Earlier, in November 2019, Twitter and Facebook said that OneAudience had collected private user information; the incident left hundreds of users affected, their privacy compromised when OneAudience illegally collected their names, email addresses, usernames, genders and latest posts through the SDK.

Commenting on the matter, Jessica Romero, Director of Platform Enforcement and Litigation, said, "Facebook's measures included disabling apps, sending the company a cease and desist letter, and requesting their participation in an audit, as required by our policies. OneAudience declined to cooperate."

"This is the latest in our efforts to protect people and increase accountability of those who abuse the technology industry and users," she further added.

Facebook official Twitter and Instagram accounts hacked!


"Well, even Facebook is hackable but at least their security is better than Twitter." This opening statement was posted on Facebook's official Twitter account by the hacking group OurMine.



Though the accounts have now been restored, the hacking group OurMine posted the same message on Facebook's Twitter, Messenger and Instagram accounts.

OurMine says its hacks are meant to show the sheer vulnerability of cyberspace. In January, the group attacked and hijacked the accounts of dozens of US National Football League teams.

They posted the following on Facebook's Twitter page:

Hi, we are O u r M i n e,
Well, even Facebook is hackable but at least their security is better than twitter.

to improve your account security
Contact us: contact@o u r m In e.org

For security services visit: o u r m In e.org

On Instagram, they posted the OurMine logo, whereas Facebook's own website was left alone. Twitter has confirmed that the accounts were hacked, albeit via a third party, and that the accounts were then locked.

"As soon as we were made aware of the issue, we locked the compromised accounts and are working closely with our partners at Facebook to restore them," Twitter said in a statement.

These attacks followed the same pattern as the attack on the National Football League teams.

The accounts were accessed through Khoros, a third-party marketing platform: software that lets people manage all of their social media accounts in one place, and which businesses use to manage their social media communications. Platforms like Khoros hold the login details of their customers, and OurMine appears to have gained access to the accounts through this platform.

OurMine is a Dubai-based hacking group known for attacking the accounts of corporations and high-profile people. It has hacked the social media accounts of quite a few influential individuals, such as Twitter founder Jack Dorsey and Google chief executive Sundar Pichai, as well as the corporate accounts of Netflix and ESPN. According to OurMine, its attacks are intended to show people cybersecurity vulnerabilities, and it advises its victims to use its services to improve their security.

Expert finds a Bug in Twitter that can Expose your Account Information


As if it wasn't enough already, the popular social networking and microblogging site Twitter has suffered yet another data vulnerability. In a recent incident, a researcher claimed that he was able to exploit a Twitter bug to match more than 17 million mobile numbers to user profiles. The matched accounts include those of prominent lawmakers and officials. The bug was in Twitter's Android application.


According to TechCrunch, security researcher Ibrahim Balic discovered that it was possible to upload whole lists of generated contact information via the contact upload option in the Twitter app. "If you put your contact information, i.e. the phone number, the app in return retrieves user information," says Balic. The users whose phone numbers were matched were from countries including Germany, France, Armenia, Iran, Greece, Turkey, and Israel. In one case, the user whose number was matched turned out to be a prominent Israeli politician, TechCrunch reports.

About the Bug-
Ibrahim Balic started alerting users to the issue two months earlier through a WhatsApp group. When Twitter became aware of this, the microblogging platform immediately blocked his attempts. Balic was able to generate more than two billion mobile numbers; after rearranging the numbers he had generated, he uploaded them through the Twitter Android application. The vulnerability did not exist in the web-based Twitter app. It is yet to be confirmed whether Balic's activity is related to a statement Twitter issued earlier this week, in which it said it had suffered a data exploit. Twitter admitted that a malicious bug was planted in its application by an anonymous cybercriminal, which could have jeopardized the information of numerous Twitter users across the world, including Indian users. Twitter, however, did not reveal who was responsible for the exploit.

What can this Vulnerability do? 
This exploit in the Twitter Android application could allow hackers to see users' personal information and also gives them control of user accounts, allowing them to tweet or send messages. Balic is known for exposing a security flaw in Apple's developer center in 2013. "We are working our best to ensure that the bug couldn't be exploited again," said a Twitter spokesperson. Twitter has faced various security issues this year.
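The contact-upload matching described above is an enumeration problem on the platform side: a legitimate address book is small and sparse, while a generated list is large and, once sorted, densely consecutive even if it was shuffled before upload. The following is an added example (not Twitter's telemetry or code; the event format, account names and thresholds are assumptions) showing the kind of server-side detection that flags such uploads by pooling an account's uploads and measuring volume, upload count and how many of the numbers are consecutive.

```python
"""Flag contact-sync uploads that look like bulk phone-number enumeration.

Added example, not Twitter's code. UploadEvent is an assumed shape for one
contact-upload request; the sample events and the thresholds are constructed
for illustration.
"""

import random
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class UploadEvent:
    account: str        # account that performed the contact upload
    numbers: List[str]  # phone numbers in the uploaded address book, "+" and digits


def sequential_fraction(numbers: List[str]) -> float:
    """Fraction of adjacent numbers (after sorting) that differ by exactly one.

    Sorting first means shuffling the list before upload does not hide a
    generated range. Returns 0.0 for fewer than two usable numbers.
    """
    digits = sorted(int(n.lstrip("+")) for n in numbers if n.lstrip("+").isdigit())
    if len(digits) < 2:
        return 0.0
    adjacent = sum(1 for a, b in zip(digits, digits[1:]) if b - a == 1)
    return adjacent / (len(digits) - 1)


def flag_enumeration(events: List[UploadEvent], max_total: int = 5000,
                     max_uploads: int = 10, seq_threshold: float = 0.5) -> Dict[str, List[str]]:
    """Aggregate uploads per account and return the reasons each flagged account tripped.

    Pooling across uploads matters: splitting a range into many small uploads
    keeps each one below a per-request limit but not below the per-account one.
    """
    totals: Dict[str, int] = defaultdict(int)
    counts: Dict[str, int] = defaultdict(int)
    pooled: Dict[str, List[str]] = defaultdict(list)
    for ev in events:
        totals[ev.account] += len(ev.numbers)
        counts[ev.account] += 1
        pooled[ev.account].extend(ev.numbers)

    flagged: Dict[str, List[str]] = {}
    for acct in totals:
        reasons = []
        if totals[acct] > max_total:
            reasons.append(f"{totals[acct]} numbers uploaded (limit {max_total})")
        if counts[acct] > max_uploads:
            reasons.append(f"{counts[acct]} uploads (limit {max_uploads})")
        frac = sequential_fraction(pooled[acct])
        if frac >= seq_threshold:
            reasons.append(f"{frac:.0%} of uploaded numbers are consecutive")
        if reasons:
            flagged[acct] = reasons
    return flagged


def constructed_events() -> List[UploadEvent]:
    """Constructed sample: one ordinary address book and one shuffled, chunked range."""
    rng = random.Random(7)
    ordinary = UploadEvent("alice", ["+15550100123", "+15550103456", "+15550109876"])
    # 6000 consecutive numbers, shuffled and split into 12 uploads of 500.
    block = [f"+4930{n:08d}" for n in range(10_000_000, 10_006_000)]
    rng.shuffle(block)
    chunks = [block[i:i + 500] for i in range(0, len(block), 500)]
    return [ordinary] + [UploadEvent("bulk_sync", c) for c in chunks]


if __name__ == "__main__":
    for acct, reasons in flag_enumeration(constructed_events()).items():
        print(acct, "->", "; ".join(reasons))
```

The consecutive-number check is the one that survives rate limiting alone: an account that stays under the per-request size still accumulates a dense range over time, which the sort-then-diff measure exposes regardless of upload order.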

Twitter Followers of the Epilepsy Foundation Targeted by a Mass Strobe Cyber attack


A series of mass cyberattacks occurred during National Epilepsy Awareness Month, as attackers circulated videos and pictures of flashing strobe lights to a huge number of Twitter followers of the Epilepsy Foundation, evidently aiming to trigger seizures in those suffering from the disorder.

The foundation reported 30 similar attacks in the first week of November and said it had filed complaints with law enforcement authorities, including the U.S. Attorney's Office in Maryland, where the group's headquarters are located. It was unclear how many users clicked on the videos and the animated images known as GIFs.

In an earlier case, a Marine Corps veteran from Maryland, John Rayne Rivello, was accused of using Twitter to send a GIF with a blinding strobe light to an epileptic author, Kurt Eichenwald, who had written critically about Donald J. Trump and his supporters during the 2016 presidential campaign.

The journalist Kurt Eichenwald was sent a strobing image over Twitter that caused him to have an epileptic seizure.

Mr. Eichenwald, who was a correspondent for The New York Times from 1986 to 2006, had written an opinion piece in Newsweek titled "How Donald Trump Supporters Attack Journalists," in which he described the death threats he had received because he had written critically about Mr. Trump.

In December 2016, after publication of the Newsweek piece, Mr. Eichenwald told investigators that he received a message from an account identified as @jew_goldstein, which contained a strobe light GIF and a statement in capital letters: "You deserve a seizure for your posts."

Looking at the strobe caused an immediate seizure that lasted around eight minutes.

Investigators found several digital clues that led them to Mr. Rivello, including a message he had sent to other Twitter users that read, "I hope this sends him into a seizure." They also found a screenshot on Mr. Rivello's iCloud account showing Mr. Eichenwald's Wikipedia page with a fake date of death, as well as a screenshot of a list of epilepsy seizure triggers that had been copied from an epilepsy information site.

Mr. Eichenwald also filed a lawsuit against Mr. Rivello in federal court in Maryland for battery and various other claims. The defense moved to dismiss it, arguing in part that the battery claim could not be supported because Mr. Eichenwald did not claim that any physical contact had occurred.

However, Chief Judge James K. Bredar of the United States District Court for the District of Maryland allowed the lawsuit to proceed, writing that the “novelty of the mechanism by which the harm was achieved” did not make the alleged actions any less of a wrongful act.

Twitter Used Phone Numbers and Email Addresses Provided for Security to Target Ads


On Tuesday, Twitter admitted to using phone numbers and email addresses that users had provided for two-factor authentication, i.e. to improve account security, to serve targeted ads.

According to Twitter, however, the sensitive user data was not shared with the company's third-party partners, and the issue that caused the incident has been fixed; phone numbers and email addresses are now only asked for security purposes.

Last year, Facebook was found to be engaging in a similar practice, in which phone numbers and email addresses provided by users to make their accounts more secure were used by the social media giant to target ads, according to the Federal Trade Commission (FTC).

In the wake of the breach, Twitter received widespread criticism for compromising its users' privacy. The fact that user security was undermined through a mechanism intended to strengthen it further fuelled the public criticism. Although the company did not intend to use sensitive user data for ad targeting, there is no denying that the platform was doing so without the knowledge of its users. Moreover, it took the company almost a month to disclose the issue.

Putting what Twitter called an 'error' into perspective, the company wrote in a post on its Help Center website, “Tailored Audiences is a version of an industry-standard product that allows advertisers to target ads to customers based on the advertiser's own marketing lists (e.g., email addresses or phone numbers they have compiled)."

"When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes," the company added.

Calling such data a liability, Duruk, a human-computer interface expert, wrote, “Phone numbers stored for 2FA end up in advertising hellhole. The more you accrue, the more someone inside your org will find a way to abuse it.”

Apologizing for the inadvertent mistake, Twitter further wrote, "We’re very sorry this happened and are taking steps to make sure we don’t make a mistake like this again."

US: Investigators can Use Fake Social Media Profiles to Monitor Potential Visa Seekers


US Citizenship and Immigration Services (USCIS) officers, who were previously barred from creating fake social media profiles, may now create such profiles to monitor the social media activity of foreigners applying for visas, citizenship and green cards.

On Friday, the ban was overturned in a review of potential privacy issues conducted and posted online by the Department of Homeland Security.

Explaining the need for reversing the ban, a USCIS statement said that it would make it easier for officers and investigators to find evidence of fraud and cross-check information for security reasons when deciding whom to allow into the US.

The State Department has also taken several other steps, including asking US visa applicants to provide their social media handles. However, it is unclear how the use of fake social media identities would work in practice, since impersonation clearly violates the terms of service of major platforms such as Facebook and Twitter.

Commenting on the matter, Twitter said in a statement, "It is against our policies to use fake personae and to use Twitter data for persistent surveillance of individuals. We look forward to understanding USCIS's proposed practices to determine whether they are consistent with our terms of service."

According to the DHS document, investigating officers are barred from interacting or conversing with people on social media platforms and may only review and verify information passively. Although a lot of social media activity can be viewed, and hence reviewed, without an account, some platforms still restrict what guest users can see.

According to Dave Maass, a senior investigative researcher at the civil liberties advocacy group Electronic Frontier Foundation, the use of fictitious accounts "undermines our trust in social media companies and our ability to communicate and organize and stay in touch with people."

"It can't be this double standard where police can do it, but members of the general public can't," he added.