Twitter is removing images from the social network that could point to how attackers executed a major hacking spree on the platform. On Wednesday, hackers took over the Twitter accounts of prominent users, including Barack Obama, Bill Gates, Elon Musk, Kanye West and Jeff Bezos, in order to promote a Bitcoin scam.
While Twitter hacks are nothing new — the social network experiences frequent account takeovers — the repeated and singular theme of Wednesday’s account takeovers suggests an effort beyond the SIM jacking attack that ensnared Twitter CEO Jack Dorsey last August.
“Given that numerous high-profile Twitter accounts were compromised as part of this attack — accounts that would presumably be protected by multifactor authentication and strong passwords — it is highly likely that the attackers were able to hack into the back end or service layer of the Twitter application,” said Michael Borohovski, director of software engineering at the cybersecurity company Synopsys.
Twitter didn’t respond to a request for comment on what was behind Wednesday’s hacking spree. In a tweet, the company said it was investigating “a security incident impacting accounts.”
On Wednesday, posters on a hacking forum for selling highly desired Twitter handles displayed screenshots of Twitter’s administrative panel, which showed internal details like the email addresses registered with accounts, when the account was last accessed, and what phone numbers were tied to it. The panel also displayed the number of strikes logged against each account.
The screenshots were first reported by Motherboard, and shared with CNET by a user on the forum.
“They forced me to delete the Tweet and they gave me a 12 hour ban from Tweeting or interacting with anyone on the website,” the person who shared the screenshots said.
The images are being removed from Twitter for violating the website’s rules because they show personal information, including the accounts’ contact information.
The thread showing Twitter’s internal tools has since been removed, according to the user. It’s unclear how hackers were able to get screenshots of Twitter’s internal tools.
Lawmakers are already demanding answers from the social network. Sen. Josh Hawley, a Republican from Missouri, sent a letter to Twitter requesting that the company reach out to the Department of Justice and the FBI for help in the investigation.
The letter asks Twitter to disclose whether the hacking campaign was a breach of users or of Twitter’s own internal systems.
“I am concerned that this event may represent not merely a coordinated set of separate hacking incidents but rather a successful attack on the security of Twitter itself,” Hawley said. “As you know, millions of your users rely on your service not just to tweet publicly but also to communicate privately through your direct message service. A successful attack on your system’s servers represents a threat to all of your users’ privacy and data security.”