Twitter crypto hack reveals the fragility of this social media dumpster fire platform
Send us $1k bitcoin and we’ll send back double.
Last night there was a massive Twitter hack that saw a ton of high-profile accounts like Apple, Bill Gates, Joe Biden, Elon Musk, Barack Obama, Jeff Bezos and many more suddenly tweet some crypto scam nonsense.
It is a known scam — send Bitcoin and have that Bitcoin returned double — but that’s not the point. The point is it happened. To tech leaders and world leaders, all who likely have two-factor authentication turned on.
The apparent back door that enabled the attack was a Twitter employee who basically held the door open for hackers. That employee (either inadvertently or intentionally; Twitter is investigating) allowed visibility of an internal user tool that allows ownership changes of certain accounts and lets a third party tweet from those accounts. Twitter is working to remove screenshots of that tool from existence.
Our investigation is still ongoing but here’s what we know so far:
— Twitter Support (@TwitterSupport) July 16, 2020
The only logical thing to do was shut off the tap. Twitter disabled any account with a blue checkmark (a real one) for a little while last night while it investigated. The accounts weren’t totally disabled, but they weren’t able to tweet. This didn’t affect Kevin, because he doesn’t have a blue checkmark. The ban didn’t last too long and was lifted by second dinner.
You may be unable to Tweet or reset your password while we review and address this incident.
— Twitter Support (@TwitterSupport) July 15, 2020
As the only verified writer at KnowTechie, I’m apt to agree with Casey Newton on all this. As he writes in The Interface:
The threat here is not simply user privacy and data security, though those threats are real and substantial. It is about the striking potential of Twitter to incite real-world chaos through impersonation and fraud. As of today, that potential has been realized. And I can only worry about how, with a presidential election now less than four months away, it might be realized further.
While I don’t necessarily agree in substance, I agree that the magnitude of this platform to affect real-world events continues to grow. This is all we’re writing and reading about this morning, and it was just a silly Bitcoin scam.
While the non-verified Twitter users enjoyed the void created by a good portion of the 359,000 blue checks disappearing for a while, the threat of abuse that would consume the world lingers. At the same time, if our idiot President hasn’t started a world war with his incendiary tweets thus far, it’s doubtful that a hacker would. If anything, this hack shows both the vulnerability of Twitter and the huge grain of salt that we consume it with.
That being said, this also makes the case for Twitter to completely reform its platform
I’m not saying more protection for blue checks, but I’m saying that everyone should be a blue check on a paid platform behind another level of security. One that doesn’t require a simple screenshot of an internal tool to hack. One that comes with a higher level of confidence in security tools because we’re paying for it (that hypothetical paid platform would also be devoid of advertising).
There would be two versions of Twitter. One for paid users that would still be able to see public timelines and interact with them, and one for free users, who can see but not interact with the paid timeline. That way it’s all public, but the interactions are limited by paid tiers. Again, this doesn’t prevent a hack, but generally, a company puts more money and effort into securing a paid network. Of course, there are still hacks. It’s almost inevitable.
Considering the attack was enabled by internal sources and not some nefarious outside force, it lends even more to not being able to fully trust the platform. Which I think is a good thing. We shouldn’t take it so seriously and perhaps with this security breach, we’ll be less likely to start a thermonuclear global war based on a couple of tweets.
Assume everything is a hack, a lie, a distortion of reality spat out through a tweet. That way, we’ll never really allow the platform to escalate anything IRL when truly vicious hacks occur. Question everything. Believe nothing. Become an apathetic general of your reality. Tweets are ephemeral visions of a world that only exists on your screen. The moment we start to take this shit too seriously is the moment we are fully susceptible to our own truths being distorted.