Twitter on Thursday revealed further details in the massive crypto hack, saying the hackers accessed the DM (direct message) inbox of up to 36 of the 130 targeted users, including one elected official in the Netherlands.
The company said it was communicating directly with impacted account owners and will share updates “when we have them”.
Hackers last week hijacked accounts belonging to several high-profile figures, including Joe Biden, and Kanye West , former President Barack Obama, Tesla CEO Elon Musk, Bill Gates, Jeff Bezos, Mike Bloomberg, Apple and Uber among others.
The attackers sent out tweets from 45 accounts, asking individuals to send bitcoin currency to a specific cryptocurrency wallet, with the promise that money sent would be doubled and returned. They received $120,000 worth of Bitcoin in 500 transactions, with the scam said to be one of the largest ever on a social media site.
Twitter said the hackers got access to its internal systems through a “social engineering” attack on several employees.
Social engineering is a technique used by hackers to dupe users into clicking on malicious links or giving away sensitive data by crafting fake emails or other messages. The hackers then gained access to a Twitter “admin” tool on the company’s network that allowed them to hijack the accounts.
The FBI have started investigations into whether hackers bribed a Twitter employee to get access into verified accounts and post messages soliciting for bitcoins.