Subscribe to this bi-weekly newsletter here!

Welcome to the latest edition of Pardon The Intrusion, TNW’s bi-weekly newsletter in which we explore the wild world of security.

Bitcoin scammers struck gold on Wednesday by hijacking several high-profile verified Twitter accounts in what’s easily the most catastrophic security breach to hit the platform.

Among the hacked accounts were President Barack Obama, Joe Biden, Elon Musk, Jeff Bezos, Bill Gates, corporate handles of Apple and Uber corporate accounts, and a number of popular crypto exchanges.

The message sent from the hacked accounts was simple: Send bitcoin and these famous people would send back double your money.

Within a matter of few hours, people were duped into sending more than $118,000 to the hackers.

Twitter acknowledged the breach as a “coordinated social engineering attack” against its employees who have access to its internal tools.

While details of the hack are still not fully clear, it looks like the baddies behind the operation leveraged an internal Twitter tool to access the accounts and change their email addresses in order to make it difficult for the legitimate owner to regain access.

More troublingly, Motherboard’s Joseph Cox reported the hackers paid a Twitter insider to do the job. If this is true, the incident would be the second time an inside job has led to severe consequences for the company.

Given the unprecedented scale of the hack, Twitter is now likely to face tighter scrutiny of its security practices and the safeguards it has in place to prevent such an attack from happening again.

With Twitter being an influential platform for disseminating news, this incident could have gone wrong in a lot of ways. Beyond being an attack on Twitter, it’s an indication of how bad actors can carry out nefarious acts by impersonating public figures.

While it’s essential that account holders use a strong password and turn on two-factor authentication, the hack is proof that even those measures may not be enough.

What’s trending in security?

Police shut down EncroChat, a massive global secure communications platform EncroChat used by organized crime gangs. New strains of EKANS ransomware were found targeting industrial control systems, Microsoft took down malicious web domains used in a large-scale cyberattack directed against victims in 62 countries, and a Yahoo! engineer who hacked into 6,000 accounts to look for porn received no jail time.

Calling all techies

(Sponsored content)

Tweet of the week

Little confused by this whole “Black Hat is racist” argument. The term came from hat colors in western movies, and has nothing to do with race. Coming up with racist connotations for non-racially charged terms, then trying to change them on those grounds just feels wrong.

— MalwareTech (@MalwareTechBlog) July 4, 2020

For more on the discussion, click here.

That’s it. See you all in two weeks. Stay safe!

Ravie x TNW (ravie[at]thenextweb[dot]com)

Pssst, hey you!

Do you want to get the sassiest daily tech newsletter every day, in your inbox, for FREE? Of course you do: sign up for Big Spam here.