Thu. 07/16 The Great Twitter Hijack of 2020
Welcome to the right home for Thursday. July sixteenth twenty twenty. I'm Brian McCullough today. I run down the whole mess of the great twitter jacking from last night. FACEBOOK is rolling out more labels for politicians. facebook might also be positioning itself for a tick. Tock Diaspora Amazon now. Let's influencers run home. Shopping network style shows on the website and apple officially has a podcast. Here's what you missed today in the world of Tech. If you live on twitter at all. Then you might have noticed a great disturbance in the twitter force last night. Possibly the greatest disturbance. We've ever seen one by one prominent accounts for Bitcoin. Barack Obama Joe Biden Ripple Finance Elon. Musk Bill Gates Jeff bezos. wiz Khalifa the cash APP. The list goes on and on all of these accounts, suddenly started schilling for what seemed to be a crypto currency scam. For example. Here was the tweet from Joe Biden's account quote. I am giving back to the community. All bitcoin sent to the address below will be sent back doubled. If you send a thousand dollars, I will send back two thousand, only doing this for thirty minutes and quote. I don't know how much that would have been effective from the Joe Biden Account, but maybe if you were getting that from Jeff, Bezos or Elon, musk you might take it seriously. For a while everything was chaos. Some of the prominent accounts seemed to gain control of their accounts back only to see them hijacked again coding tech crunch, it became clear early on that the situation was not the case of a single account being compromise as we've seen in the past, but something else altogether, even apple, a company known for robust security, somehow fell victim to the scheme as As the issues continued many verified twitter users also reported being unable to tweet around three fifteen pm. Pacific time the official twitter support contract users may be unable to tweet or reset your password while we review and address this incident by Wednesday evening. Twitter said that most tweeting should be back to normal, but functionality may come and go as the company continues working on a fix and quote. Indeed it was that period of time when all verified twitter users. All those blue check marks couldn't tweet it all then. Everything was full on chaos. Fortunately for me, I've never been verified, so I could still tweet, but a ton of folks couldn't. Q. Much gnashing of teeth, Q. Much rendering of garments q a lot of snark about how the haves and have nots were suddenly in stark relief on twitter I reached out to the most on twitter person that I know for comment. This is Hashtag Creator Chris Messina from last night. Brian. I am so stressed out. This happened and I can't tweet. and. I'm losing my Goddamn. mind. I can't say anything about this hack that is happening on twitter on my fourteenth twitter Serie. Whoever these? Efforts are. I hope they find them and bring them to justice. Yes. Lots of folks were caught up in the irony of not being able to tweet about. To tweet, others were taking it with some humour Mark Andriessen. Who you might know has voluntarily kept himself off twitter for a few years now. Eventually tweeted quote now feels like the perfect time to fully express my views on a bunch of highly controversial topics. Only to tweet the automated warning from twitter that his tweets couldn't be posted by late last night, twitter support tweeted the following quote. We detected what we believe to be coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools. We know they use this access to take control of many highly visible, including verified accounts and tweet on their behalf. We're looking into what other militias activity they may have conducted or information. They may have accessed, and we'll share more here as we have it once. We became aware of the. The incident. We immediately locked down the affected accounts and remove tweets posted by the attackers. We also limited functionality for a much larger group of accounts like all verified accounts, even those with no evidence of being compromised while we continue to investigate this. This was disruptive, but it was an important step to reduce the risk. Most functionality has been restored, but we may take further action, and we'll update you if we do. We have locked accounts that were compromised and will restore access to the original account owner. Only when we are certain, we can do so securely and quote. Apparently most accounts are now functioning again. As of this morning, meanwhile, the bitcoin wallet mentioned in some of the hijack tweets was apparently seeing hundreds of thousands of dollars in bitcoin deposits as of last night. So. How did this all happen? Well the very nature of the accounts effected, and the widespread nature of the attack tipped a lot of people off. Most people forget this, but social networks are run by people people at least some of whom have super user access to accounts, even famous ones. This is quoting from tech crunch. A hacker allegedly behind a spate of twitter account hacked on Wednesday gained. Gained access to twitter Adleman tool on the company's network that allowed them to hijack high-profile twitter accounts to ready cryptocurrency scam, according to a person with direct knowledge of the incident, he person involved in the underground hacking seen told tech crunch that a hacker who goes by the handle Kirk likely not their real name generated over one hundred thousand dollars in the. The matter of hours by gaining access to an internal twitter tool which they used to take control of popular twitter accounts. The hacker used the tool to reset the associated email addresses of affected accounts to make it more difficult for the owner to regain control. The hacker then pushed a cryptocurrency scam that claimed whatever funds a victim sent will be sent back doubled. Doubled. The person told techcrunch that Kirk had started out by selling access to vanity twitter accounts such as user names that are short, simple and recognizable. That's a big business, actually, if not still illegal, a stolen username or social media handle can go for anywhere between a few hundred dollars or thousands Kirk said to have contacted a trusted member of og users. Popular with traders of hacked social media handles. Kirk needed the trusted member to help sell stolen vanity user names in several screen shots of discord shared with techcrunch Kirk said quote, send me at names and BTC referring to twitter user names and cryptocurrency and get your s done. He said, referring to hijacking twitter accounts, but then later in the day, kirk quote started hacking everything. The person told Tech. Crunch Kirk allegedly had access to an internal tool on twitter network, which allowed them to effectively take control of a user's account. A screen shot shared with tech crunch shows the apparent adn tool twitter was removing tweets and suspending users. That shared screen shots of that tool. The tool appears to allow users ostensibly twitter employees to control access to a user's account including changing the email associated with the accounting, even suspending the user altogether, the person did not say exactly how kirk got access to twitter's internal tools, but hypothesize that eight twitter employees corporate account with hijacked with a hijacked employees account Kirk could make their way into the company's internal network. The person also said it was unlikely that eight twitter employees was involved with the account takeovers and quote. Although there is differing reporting on that. This was in motherboard last night, quote, a twitter insider was responsible for a wave of high profile account takeover on Wednesday, according to leaked screen shots obtained by motherboard into sources who took over accounts? Quote, we used a rap that literally done all the work for us. One of the sources told motherboard the second source added they paid the insider motherboard granted the sources anonymity to speak candidly about a security incident. Twitter spokesperson told motherboard that the company is still investigating whether the employees hijacked the accounts themselves or gave hackers access to the tool and quote. I reached out to our friend. Dave bittner at the cyber wire podcast for his thoughts on what might have happened last night and this is what he shared. This situation with twitter is of course still developing, but there are a number of theories gaining traction among security professionals. Twitter themselves say that the attack was the result of social engineering that a coordinated campaign targeted several employees with access to administrative controls. Joseph Cox over at motherboard is in touch with individuals, claiming responsibility for the breach, and they say they bribed twitter employees who had access to the administrative control panel. Some security pros are puzzled that this type of access would be used for something as simple and dopey as a bitcoin scam and they wonder if this could be misdirection, there could be more play. Perhaps with the bad guys were after was access to account DM strike messages. Others wonder if it's a demonstration of capabilities meant to shake the public's confidence in twitter, especially as we head toward the US elections this fall. But it's important to remember again that this story is still new and all accounts of motive and objective. Are this point more-or-less informed speculation. Might want to head over to the cyber wire podcasts for today's episode. As I'm sure, they can go much deeper into the technical side of this than I can at the time of this recording this morning. No further official word from twitter. What actually went down? Quoting Casey Newton. Twitter will likely spend the next several days investigating how this incident took place. A criminal investigation seems likely during which the company may not be able to fully describe Wednesday's events to our satisfaction, but it is vital that as soon as possible twitter share as much about what happened today as it can, and just as importantly what it will do to ensure that it never. Never happens again. The threat here is not simply user privacy and data security, though those threats are real and substantial, it is about the striking potential of twitter to incite real world chaos through impersonation and fraud as of today that potential has been realized, and I can only worry about how with a presidential election now less than four months away, it might be realized further and quote. Board with your workout regimen. Well I've got a new one for you. Fight camp. Fight Camp Brings The boxing gym to your living room. They provide all the gear and top trainers everything you need to get great workouts in in the comfort of your home, and via their convenient APP fight camp gives you access to some of the best trainers in the world ranging from a pro MMA fighter to kickboxing world champion. Boxing twelve weeks starter program teaches you the fundamentals of boxing. Workout every time the workouts are structured like traditional boxing rounds three minutes of intense boxing and bodyweight exercises, and then one minute of rest it's the perfect high intensity interval training access over four hundred different workouts for all fitness levels and skills with four new ones added every week and it's affordable. Fight camp offers flexible financing for as low as zero percents, APR, and right now as limited time offer, you can try. Try Fight Camp for thirty days with their money back guarantee just go to join fight camp dot com slash tech name. That's right. Try Fight Camp for thirty days, and if you don't love it, they will refund your money train like fighter and turn your sweat into results to try fight camp for thirty days just to join fight camp dot com slash tech, meam, join fight camp, dot, com slash tech me. Let's take a look at a specific type of company. That tiny tends to like to buy. If what I'm about to describe sounds like you, you need to talk to tiny. Let's say you've raised money and you've built a good business, a good business with serious revenue, and maybe some prophets, but you know at this point. You're never going to achieve venture scale. You're doing great. You found product market. Fit Your delighting your customers, and you become the company. You were meant to be but look those folks who invested in you were hoping for a tax return, and you're never gonNA get there. That's fine. There's no shame growing. Growing a profitable business ever your investors need a soft landing, though and that's fine to your company needs a good home for the long term. That's exactly where tiny comes in tiny knows. Founders went to sell their companies without dealing with the brain damage that sometimes entails founders don't want to freak out their team. Don't want to jeopardize their hard work by flipping too short term oriented virus. Don't want to answer to micromanage boards. If this is you, go talk to tiny and get to know a buyer who will put all your fears to rest tiny capital. Dot Com, and when you touch, tell them Brian sent you. FACEBOOK is rolling out labels to all post from presidential candidates and federally elected officials that mentioned voting or ballots, quoting axios the labels rolling out today are a judgment of whether the post themselves are accurate, but are instead meant to signal to facebook users that they can get the most accurate information about voting by leading them to an official government website posts that specifically reference voting by mail will link to an official government website on absentee voting facebook says it plans to extend such voter initiatives to other APPs, including instagram and Messenger soon and quote. Remember when I speculated about what might happen if Tiktok were to somehow be banned suddenly for us, users well might some tick tock rivals be positioning themselves for just such an eventuality, no matter how unlikely it might be, are they positioning themselves? Just in case, sources are saying facebook is planning to launch instagram reels. It's answered Tiktok to new markets in the coming weeks, including the US UK Japan Mexico and around fifty other countries, interestingly reels has already stepped into the breach for the Tick Tock, diaspora quoting NBC news like. Like TIKTOK instagram reels lets users make share fifteen second video clips set to a vast catalog of music like tiktok users can also borrow remix audio from other people's videos and liked tiktok users can see their clips go viral in a featured real section of the most popular videos facebook I launch wheels and Brazil last November and expanded it to France and Germany. Last month it launched in India last week just days after India banned Tick Tock and more than fifty other Chinese APPS, citing privacy and security concerns end quote. Amazon has launched a new live streaming option for influencers on its Amazon. Live Service. Essentially this is a home shopping network style video. Feed right inside of Amazon's retail site quoting techcrunch the influence, our program quietly debuted in two thousand, seventeen as a way for Amazon to capitalize on the growing trend of influence or marketing as a way to drive sales the program itself is a step up from the Amazon Associates Program, as it requires approval to join and gives influencers their own page with an Amazon Url to showcase their recommendations. Though Amazon already catered to video creators through the program. The new live streaming option is focused on its own Amazon live service a sort of modern day version of QVC that streams directly on Amazon's shopping site Amazon live launch last year as the retailers latest effort to attract consumers by way of live video on Amazon. Live shows host, talk about and demonstrate products much. Much likely would do on home. Shopping networks underneath the video carousel guides consumers to purchase the items featured. The service wasn't Amazon's first attempt that live content. The retailer pulled the plug on its earlier effort in live content, a short-lived show called style code live that featured hosts with TV and broadcast backgrounds who brought in experts to talk beauty and style, tips and quote. And finally today apple has finally sort of officially from a certain angle gotten into podcasting. With the latest version of IOS by the way, the IOS thirteen dot six update is out right now. Apple's news APP has been updated to include an audio stories tab on Apple News plus and included in that is a daily audio news briefing produced by apple called Apple News today as well as curated local news collections in five US cities and regions I about that New Apple News Audio Tab Kooning apple beginning today apple. News will produce about twenty audio stories a week across a wide. Wide Range of interests narrated by professional voice actors, these are audio versions of some of the best feature reporting and long form pieces published by esquire essence, Fast Company G Q New York magazine sports illustrated time Vanity Fair Vogue wired and more and newspapers including the Los Angeles Times and the Wall Street Journal. Audio stories are now available to Apple News plus subscribers in the US and quote. In that same tab! You can now also see apple news today. It's new brief. Morning News rundown show. It's apple news today that interest, because it is available right now as a free podcast as well. You can subscribe to it and any podcast APP that supports our assess. You don't have to be an apple news plus subscriber to listen to this. This is why I'm saying. This is apple's first official foray into podcasting, quoting nine to five Mac apple news today is published every weekday and hosted by Shumita Basu and Duarte Geraldino esteemed reporters from the world of news and public radio WHO apple hired to host the show as you might expect from apple production the. Daily News is delivered with careful editing and editorial in a very high-quality. high-quality production you can listen to apple news today through the news APP. If you have access to the news plus audio tab right now, this is only available for customers. In the United. States, the Apple News today's show will be featured at the top of the TAB. When new episodes air with the release of IRS, thirteen dot, six apple news is also available as an APP in Carplay, so you can listen to the apple news today update, and all of the other audience stories quickly, and simply from your car's Dashboard and quote. One personal note here and a bit of a tie into this podcast. Duarte Geraldino is a friend of mine who I met when we did the Ted Residency, program together a few years ago and funny enough. You might know him as well. Duarte has a true deep classical radio voice much much more of a radio voice than I have. So about two years ago when we were launching this show, I had him record a bunch of ads for us to promote the tech name. Ride home podcast when it was launching. So, chances are very good that some percentage of you are listening to me right now. Because you heard Duarte's add on another podcast and you've got turned onto this show. Does this sound familiar to you mark. Zuckerberg told The New Yorker. The new source he definitely follows is technically so listen to the tech meam ride home podcast the podcast. Anyone who's anyone in Silicone Valley listened to every day in just fifteen to twenty minutes. You get a rundown of what happened in the world of tech with all the headlines, context, commentaries and tweets from all the biggest players you episodes every day at five PM. Eastern search your favorite podcast APP for ride home and subscribed the tech name ride home podcast. Talk to you, tomorrow.