Whenever you see a hack like the one that befell Twitter a couple of weeks back, there’s inevitably a quote from a spokesperson about the “complicated” nature of the hack.
As we learn more about what happened at Twitter though, that doesn’t appear to be so accurate.
The incident took place on July 15 when several Twitter employees were victimized by a phone-based spear-phishing attack that provided the hackers with credentials for the social media firm’s internal systems and tools enabling their takeover, Twitter reported last week.
So, OK, it does take some smarts to socially engineer your way into a network and use their internal tools. It’s not “so” complicated, but it takes some level of knowing what you’re doing. But, these same smart people who put together such a complicated hack, also got caught pretty quickly.
Investigators were able to tie Sheppard and Fazeli to the various cryptocurrency wallets and Discord accounts involved using their driver’s license numbers, which the two used to verify their cryptocurrency wallets.
Smart enough to get in, not smart enough to cover their tracks when getting paid. That doesn’t seem so smart. Which goes to show, that security around Twitter could have been a lot better, and people who work there maybe should have been a little less careless. That doesn’t bode well for the rest of us when even a big tech company can’t get this right. How many of us have people on staff who might fall for this kind of phone-based attack?
What should we think of the complicated, super-smart hackers who also manage to be so easily identifiable? Should we accept that the hardest thing about any conspiracy, and this goes for all the conspiracy theories out there, is making sure one person doesn’t do something stupid and give it all away? That. actually, is nearly impossible, and is the one thing that makes most theories unbelievable to me. This hack proves to be a perfect example.
Follow these topics: Tech