Tech Brew Ride Home - Thu. 07/16 – The Great Twitter Hijack of 2020
Episode Date: July 16, 2020

I run down the whole mess of the great Twitter hijacking from last night. Facebook is rolling out more labels for politicians. Facebook might also be positioning itself for a TikTok diaspora. Amazon now lets influencers run home shopping-network-style shows on the website. And Apple officially has a podcast.

Sponsors: JoinFightCamp.com/techmeme, TinyCapital.com

Links:
Apple, Biden, Musk and other high-profile Twitter accounts hacked in crypto scam (TechCrunch)
A hacker used Twitter’s own ‘admin’ tool to spread cryptocurrency scam (TechCrunch)
Hackers Convinced Twitter Employee to Help Them Hijack Accounts (Motherboard)
The Interface (Casey Newton)
Facebook to label posts about voting from presidential candidates (Axios)
Facebook readies global launch of its TikTok competitor (NBC News)
Amazon Influence Program opens to live streamers for broadcasting Amazon Life (TechCrunch)
How to subscribe to Apple’s free daily news podcast (9to5Mac)

Transcript
Welcome to the Techmeme Ride Home for Thursday, July 16th, 2020. I'm Brian McCullough. Today I run down the whole mess of the great Twitter hijacking from last night. Facebook is rolling out more labels for politicians. Facebook might also be positioning itself for a TikTok diaspora. Amazon now lets influencers run home shopping network style shows on the website. And Apple officially has a podcast. Here's what you missed today in the world of tech.
If you live on Twitter at all, then you might have noticed a great disturbance in the Twitter force last night,
possibly the greatest disturbance we've ever seen. One by one, prominent accounts for Bitcoin,
Barack Obama, Joe Biden, Ripple, Binance, Elon Musk, Bill Gates, Jeff Bezos, Wiz Khalifa,
Cash App, the list goes on and on. All of these accounts suddenly started shilling for
what seemed to be a cryptocurrency scam. For example, here was the tweet from Joe
Biden's account, quote, I am giving back to the community. All Bitcoin sent to the address below will be
sent back doubled. If you send $1,000, I will send back $2,000, only doing this for 30 minutes, end quote.
I don't know how much that would have been effective from the Joe Biden account, but maybe if you
were getting that from Jeff Bezos or Elon Musk, you might take it seriously. For a while,
everything was chaos. Some of the prominent accounts seemed to gain control of their accounts back,
only to see them hijacked again, quoting TechCrunch.
It became clear early on that this situation was not the case of a single account being compromised,
as we've seen in the past, but something else altogether.
Even Apple, a company known for robust security, somehow fell victim to the scheme.
As the issues continued, many verified Twitter users also reported being unable to tweet
around 3:15 p.m. Pacific Time.
The official Twitter support account confirmed,
users may be unable to tweet or reset your password while we review and address this incident.
By Wednesday evening, Twitter said that most tweeting should be back to normal, but functionality may come and go as the company, quote, continues working on a fix, end quote.
Indeed, it was that period of time when all verified Twitter users, all those blue check marks, couldn't tweet at all, that everything was full on chaos.
Fortunately for me, I've never been verified, so I could still tweet, but a ton of folks couldn't.
Cue much gnashing of teeth, cue much rending of garments,
cue a lot of snark about how the haves and have-nots were suddenly in stark relief on Twitter.
I reached out to the most on-Twitter person that I know for a comment.
This is hashtag creator Chris Messina from last night.
Brian, I am so stressed out.
This hack happened, and I can't tweet, and I'm losing my goddamn mind.
I can't say anything about this hack that is happening on Twitter on my 14th Twitterversary.
Whoever these efforts are, I hope they find them and bring them to justice.
Yes, lots of folks were caught up in the irony of not being able to tweet about not being able to tweet.
Others were taking it with some humor.
Marc Andreessen, who you might know has voluntarily kept himself off of Twitter for a few years now,
eventually tweeted, quote,
Now feels like the perfect time to fully express my views on a bunch of highly controversial topics,
only to tweet the automated warning from Twitter that his tweets couldn't be posted.
By late last night, Twitter support tweeted the following, quote,
We detected what we believe to be a coordinated social engineering attack by people
who successfully targeted some of our employees with access to internal systems and tools.
We know they used this access to take control of many highly visible,
including verified, accounts, and tweet on their behalf.
We're looking into what other malicious activity they may have conducted or information they may have accessed and
we'll share more here as we have it. Once we became aware of the incident, we immediately locked down the
affected accounts and removed tweets posted by the attackers. We also limited functionality for a much
larger group of accounts, like all verified accounts, even those with no evidence of being compromised,
while we continued to investigate this. This was disruptive, but it was an important step to reduce the risk.
Most functionality has been restored, but we may take further action,
and we'll update you if we do.
We have locked accounts that were compromised
and will restore access to the original account owner
only when we are certain we can do so securely, end quote.
Apparently, most accounts are now functioning again as of this morning.
Meanwhile, the Bitcoin wallet mentioned in some of the hijacked tweets
was apparently seeing hundreds of thousands of dollars in Bitcoin deposits as of last night.
So how did this all happen?
Well, the very nature of the accounts affected and the widespread nature of the attack
tipped a lot of people off.
Most people forget this, but social networks are run by people.
People, at least some of whom, have super user access to accounts, even famous ones.
This is quoting from TechCrunch.
A hacker allegedly behind a spate of Twitter account hacks on Wednesday gained access to
a Twitter admin tool on the company's network that allowed them to hijack high-profile
Twitter accounts to spread a cryptocurrency scam, according to a person with direct knowledge of the
incident. A person involved in the underground hacking scene told TechCrunch that a hacker,
who goes by the handle Kirk, likely not their real name, generated over $100,000 in the matter
of hours by gaining access to an internal Twitter tool, which they used to take control of
popular Twitter accounts. The hacker used the tool to reset the associated email addresses of affected
accounts to make it more difficult for the owner to regain control. The hacker then pushed
a cryptocurrency scam that claimed whatever funds a victim sent will be sent back doubled.
The person told TechCrunch that Kirk had started out by selling access to vanity Twitter
accounts such as usernames that are short, simple, and recognizable. That's a big business,
actually, if not still illegal. A stolen username or social media handle can go for anywhere
between a few hundred dollars or thousands. Kirk is said to have contacted a trusted member
of OGUsers, a forum popular with traders of hacked social media handles.
Kirk needed the trusted member to help sell stolen vanity usernames.
In several screenshots of a Discord chat shared with TechCrunch, Kirk said, quote,
send me at names and BTC referring to Twitter usernames and cryptocurrency.
And I'll get your S done, he said, referring to hijacking Twitter accounts.
But then later in the day, Kirk, quote, started hacking everything, the person told TechCrunch.
Kirk allegedly had access to an internal tool on Twitter's network, which allowed them to
effectively take control of a user's account. A screenshot shared with TechCrunch shows the
apparent admin tool. Twitter was removing tweets and suspending users all last night that shared
screenshots of that tool. The tool appears to allow users, ostensibly Twitter employees, to control
access to a user's account, including changing the email associated with the account and even
suspending the user altogether. The person did not say exactly how Kirk got access to Twitter's
internal tools, but hypothesized that a Twitter employee's corporate account was hijacked.
With a hijacked employee account, Kirk could make their way into the company's internal network.
The person also said it was unlikely that a Twitter employee was involved with the account
takeovers, end quote. Although there is differing reporting on that, this was in Motherboard
last night, quote, a Twitter insider was responsible for a wave of high profile account
takeovers on Wednesday, according to leaked screenshots obtained by Motherboard and two sources who took over
accounts. Quote, we used a rep that literally done all the work for us, one of the sources
told Motherboard. The second source added, they paid the Twitter insider. Motherboard granted
the sources anonymity to speak candidly about a security incident. A Twitter spokesperson told
Motherboard that the company is still investigating whether the employee hijacked the accounts
themselves or gave hackers access to the tool, end quote. I reached out to our friend Dave Bittner
at the CyberWire podcast for his thoughts on what might have happened last
night. This is what he shared. This situation with Twitter is of course still developing,
but there are a number of theories gaining traction among security professionals. Twitter
themselves say that the attack was the result of social engineering, that a coordinated
campaign targeted several employees with access to administrative controls. Joseph Cox
over at Motherboard is in touch with individuals claiming responsibility for the breach,
and they say they bribed a Twitter employee who had access to the administrative control panel.
Some security pros are puzzled that this type of access would be used for something as simple and dopey as a Bitcoin scam,
and they wonder if this could be misdirection.
There could be more at play.
Perhaps what the bad guys were after was access to account DMs, direct messages.
Others wonder if it's a demonstration of capabilities meant to shake the public's confidence in Twitter,
especially as we head toward the U.S. elections this fall.
But it's important to remember, again, that this story is still new,
and all accounts of motive and objective are at this point, more or less well-informed speculation.
Might want to head over to the CyberWire podcast for today's episode, as I'm sure they can go much deeper into the technical side of this than I can.
At the time of this recording this morning, no further official word from Twitter on what actually went down, quoting Casey Newton.
Twitter will likely spend the next several days investigating how this incident took place. A criminal investigation
seems likely, during which the company may not be able to fully describe Wednesday's events
to our satisfaction. But it is vital that as soon as possible Twitter share as much about
what happened today as it can, and just as importantly, what it will do to ensure that it never
happens again. The threat here is not simply user privacy and data security, though those
threats are real and substantial. It is about the striking potential of Twitter to incite
real-world chaos through impersonation and fraud. As of today, that potential has been realized.
And I can only worry about how, with a presidential election now less than four months away,
it might be realized further, end quote.
Facebook is rolling out labels to all posts from presidential candidates and federally elected
officials that mention voting or ballots, quoting Axios. The labels rolling out today
aren't a judgment of whether the posts themselves are accurate, but are
instead meant to signal to Facebook users that they can get the most accurate information about voting by leading them to an official government website.
Posts that specifically reference voting by mail will link to an official government website on absentee voting.
Facebook says it plans to extend such voter initiatives to other apps, including Instagram and Messenger, soon, end quote.
Remember when I speculated about what might happen if TikTok were to somehow be banned suddenly for U.S. users?
Well, might some TikTok rivals be positioning themselves for just such an eventuality, no matter how unlikely it might be?
Are they positioning themselves just in case?
Sources are saying Facebook is planning to launch Instagram Reels, its answer to TikTok, to new markets in the coming weeks, including the U.S., UK, Japan, Mexico, and around 50 other countries.
Interestingly, Reels has already stepped into the breach for the TikTok diaspora, quoting NBC News.
Like TikTok, Instagram Reels lets users make and share 15-second video clips set to a vast catalog of music.
Like TikTok, users can also borrow and remix audio from other people's videos.
And like TikTok, users can see their clips go viral in a featured Reels section of the most popular videos.
Facebook first launched Reels in Brazil last November and expanded it to France and Germany last month.
It launched in India last week, just days after India banned TikTok and more than 50 other Chinese
apps citing privacy and security concerns, end quote.
Amazon has launched a new live streaming option for influencers on its Amazon Live service.
Essentially, this is a home shopping network style video feed right inside of Amazon's retail site,
quoting TechCrunch.
The influencer program quietly debuted in 2017
as a way for Amazon to capitalize on the growing trend of influencer marketing as a way to drive sales.
The program itself is a step up from the Amazon Associates Program as it requires approval to join
and gives influencers their own page with an Amazon URL to showcase their recommendations.
Though Amazon already catered to video creators through the program,
the new live streaming option is focused on its own Amazon Live service.
A sort of modern-day version of QVC that streams directly on Amazon's shopping site,
Amazon Live launched last year as the retailer's latest effort to attract consumers by way of live
video. On Amazon Live shows, hosts talk about and demonstrate products, much like they would do on
home shopping networks. Underneath the video, a carousel guides consumers to purchase the items
featured. This service wasn't Amazon's first attempt at live content. The retailer pulled the
plug on its earlier effort in live content, a short-lived show called StyleCode Live that
featured hosts with TV and broadcast backgrounds who brought in experts to talk beauty and style
tips, end quote. And finally today, Apple has finally, finally, sort of, officially from a certain
angle, gotten into podcasting. With the latest version of iOS, by the way, the iOS 13.6 update is out
right now. Apple's news app has been updated to include an audio stories tab on Apple News Plus,
and included in that is a daily audio news briefing produced by Apple called Apple News Today, as well as
curated local news collections in five U.S. cities and regions. First, about that new Apple News
audio tab, quoting Apple. Beginning today, Apple News will produce about 20 audio stories a week across
a wide range of interests narrated by professional voice actors. These are audio versions of some of the
best feature reporting and long-form pieces published by Esquire, Essence, Fast Company, GQ, New York
magazine, Sports Illustrated, Time, Vanity Fair, Vogue, Wired, and more, and newspapers including
the Los Angeles Times and the Wall Street Journal.
Audio stories are now available to Apple News Plus subscribers in the U.S., end quote.
In that same tab, you can now also see Apple News Today, its new brief morning news rundown show.
And it's Apple News Today that interests us because it is available right now as a free podcast as well.
You can subscribe to it in any podcast app that supports RSS.
You don't have to be an Apple News Plus subscriber to listen to this.
This is why I'm saying this is Apple's first official foray into podcasting, quoting 9 to 5 Mac.
Apple News Today is published every weekday and is hosted by Shumita Basu and Duarte Geraldino,
esteemed reporters from the world of news and public radio who Apple hired to host the show.
As you might expect from an Apple production, the Daily News is delivered with careful editing
and editorial in a very high-quality production.
You can listen to Apple News Today through the news app.
access to the News Plus Audio tab.
Right now, this is only available for customers in the United States.
The Apple News Today Show will be featured at the top of the tab when new episodes air.
With the release of iOS 13.6, Apple News is also available as an app in CarPlay so you can listen to the Apple News Today update and all of the other audio stories quickly and simply from your car's dashboard, end quote.
One personal note here and a bit of a tie-in to this podcast. Duarte Geraldino is a friend of mine who I met
when we did the TED residency program together a few years ago. And funny enough, you might know him
as well. Duarte has a true, deep, classical radio voice, much, much more of a radio voice than I have.
So about two years ago, when we were launching this show, I had him record a bunch of
ads for us to promote the Techmeme Ride Home podcast when it was launching. So chances are very good
that some percentage of you are listening to me right now because you heard Duarte's ad on another
podcast and you got turned on to this show. Does this sound familiar to you? Mark Zuckerberg told
the New Yorker the news source he definitely follows is Techmeme. So listen to the Techmeme Ride Home
podcast. The podcast anyone who's anyone in Silicon Valley listens to every day. In just 15
to 20 minutes, you get a rundown of what happened in the world of tech with all the headlines,
context, commentaries, and tweets from all the biggest players. New episodes every day at 5 p.m.
Eastern. Search your favorite podcast app for Ride Home and subscribe to the Techmeme Ride Home
podcast. Talk to y'all tomorrow.
