Massive July Twitter hack aided by stolen VPN credentials

Reading time icon 2 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Key notes

  • The notorious July Twitter hack was reportedly made possible with the help of stolen VPN credentials from Twitter remote employees.
  • Twitter's home-working employees were targetted by a phishing attack, cleverly disguised as the VPN they used to connect to work resources.
  • Check out the best VPNs for Windows 10 that can keep your privacy safe.
  • Visit our Security & Privacy Hub for more ways to secure your digital presence.
Twitter hack stolen VPN credentials

Reportedly, the infamous Twitter hack that took place in July was made possible with the help of stolen VPN credentials. Reportedly, the perpetrators targeted a few Twitter employees with a phishing attack.

The attackers created a page that was identical to the genuine VPN login page that home working Twitter employees used to connect to the work systems. After successfully retrieving the employees’ VPN credentials, the hackers used them to connect to the Twitter network.

Twitter’s security took a serious blow

What happened during the Twitter hack in July?

The notorious Twitter hack that occurred earlier this year in July targeted approximately 130 high-profile Twitter accounts, including those of Elon Musk, Joe Biden, Apple, Barack Obama, and Jeff Bezos.

The hackers managed to steal VPN credentials from Twitter remote working employees and use them to infiltrate the Twitter network.

Once in, they started to post on verified accounts, suggesting that donations worth $1,000 in Bitcoin transferred to specific wallet addresses would be doubled in a 30-minute timeframe. Needless to say, some of the followers got scammed.

microsoft edge phishing protection results

Despite Twitter‘s repeated attempts to remove the malicious messages, many more would appear on several other accounts. Reportedly, the attack managed to rake nothing short of $118,000 in Bitcoin.

Cybersecurity, a real reason for concern

Given the current situation and the steadily increasing number of work-from-home employees, companies might need to consider enforcing even stricter policies regarding permissions and privileges.

Business VPNs open previously unavailable opportunities to hackers, which are getting more dangerous by the day. Without proper cybersecurity awareness, just about anyone could fall for hackers’ increasingly creative schemes.


Do you believe remote working without proper training can turn big companies into easy targets for hackers? Tell us what you think in the comments section below.

[wl_navigator]

More about the topics: Cybersecurity, Phishing, twitter, VPN

User forum

0 messages