Massive July Twitter hack aided by stolen VPN credentials

Reportedly, the infamous Twitter hack that took place in July was made possible with the help of stolen VPN credentials. Reportedly, the perpetrators targeted a few Twitter employees with a phishing attack.

The attackers created a page that was identical to the genuine VPN login page that home working Twitter employees used to connect to the work systems. After successfully retrieving the employees’ VPN credentials, the hackers used them to connect to the Twitter network.

Twitter’s security took a serious blow

What happened during the Twitter hack in July?

The notorious Twitter hack that occurred earlier this year in July targeted approximately 130 high-profile Twitter accounts, including those of Elon Musk, Joe Biden, Apple, Barack Obama, and Jeff Bezos.

The hackers managed to steal VPN credentials from Twitter remote working employees and use them to infiltrate the Twitter network.

Once in, they started to post on verified accounts, suggesting that donations worth $1,000 in Bitcoin transferred to specific wallet addresses would be doubled in a 30-minute timeframe. Needless to say, some of the followers got scammed.

Despite Twitter‘s repeated attempts to remove the malicious messages, many more would appear on several other accounts. Reportedly, the attack managed to rake nothing short of $118,000 in Bitcoin.

Cybersecurity, a real reason for concern

Given the current situation and the steadily increasing number of work-from-home employees, companies might need to consider enforcing even stricter policies regarding permissions and privileges.

Business VPNs open previously unavailable opportunities to hackers, which are getting more dangerous by the day. Without proper cybersecurity awareness, just about anyone could fall for hackers’ increasingly creative schemes.

---

Do you believe remote working without proper training can turn big companies into easy targets for hackers? Tell us what you think in the comments section below.

[wl_navigator]