Hi,

On Wednesday, 15 July 2020, hackers gained access to 130 accounts on Twitter, including high profile accounts such as Barack Obama, Joe Biden, Bill Gates, Elon Musk, Kanye West, Kim Kardashian West and Warren Buffett, as well as accounts of companies such as Apple, Uber, and several cryptocurrency platforms.

The hackers posted a bitcoin scam on some of these high-profile accounts such as a screenshot of the tweet from Barack Obama’s account below [The Street].

Twitter deleted the tweets quickly but the hackers had already netted in excess of $100,000 in Bitcoin by then. Twitter is still investigating the hack and the full extent of the data compromised is yet to be known. Their blog that is providing an update on the incident, explains that the probable attack vector was most likely a social engineering scheme targeting Twitter employees [Twitter].

At this time, we believe attackers targeted certain Twitter employees through a social engineering scheme. What does this mean? In this context, social engineering is the intentional manipulation of people into performing certain actions and divulging confidential information. 

Several screenshots of internal Twitter tools provided by sources close to the hackers to Motherboard, seem to corroborate this [Vice].

"We used a rep that literally done all the work for us," one of the sources told Motherboard. The second source added they paid the Twitter insider. Motherboard granted the sources anonymity to speak candidly about a security incident. A Twitter spokesperson told Motherboard that the company is still investigating whether the employee hijacked the accounts themselves or gave hackers access to the tool.

Many who may not fall for scams such as this on a regular basis may have fallen for it when it comes from the account of Barack Obama, Bill Gates, Elon Musk, Apple, etc.

But a Bitcoin scam is one thing. When verified accounts of some of the most powerful and prominent people in the world are hacked, then the repercussions may be much more grave, and could even be the start of nuclear war. As Casey Newton writes in his newsletter, The Interface:

And that makes you wonder what contingencies the company has put into place in the event that it is someday taken over not by greedy Bitcoin con artists, but state-level actors or psychopaths. After today it is no longer unthinkable, if it ever truly was, that someone take over the account of a world leader and attempt to start a nuclear war. (A report on that subject from King’s College London came out just last week.)

The hackers also downloaded data from several of the hacked accounts. Theresa Payton, the former White House chief information officer under President George W. Bush says that this could evolve into a blackmail situation [CNN].

"Are they going to come back later with a 'dump and dox' campaign or a blackmail situation?" said Payton. "We only know about the accounts they flipped with that message. How about all the other accounts they didn't flip with that message?"

After an incident such as this, how do people restore their trust in services such as Twitter? How do people believe with certainty that what is being communicated is truly from whom it’s supposed to be from? What is believable anymore?

Other interesting articles from around the web

+ Fake accounts are constantly manipulating what you see on social media. Here's how [Science Alert]

Troll farms are sowing chaos, division, and distrust through huge numbers of fake social media accounts. Their goal is to create a belief that truth no longer exists.

Even as a social media researcher, I underestimate the degree to which my opinion is shaped by these attacks. I think I am smart enough to read what I want, discard the rest and step away unscathed.

Still, when I see a post that has millions of likes, part of me thinks it must reflect public opinion. The social media feeds I see are affected by it and, what's more, I am affected by the opinions of my real friends, who are also influenced.

The entire society is being subtly manipulated to believe they are on opposite sides of many issues when legitimate common ground exists.

I have focused primarily on US-based examples, but the same types of attacks are playing out around the world. By turning the voices of democracies against each other, authoritarian regimes may begin to look preferable to chaos.

Platforms have been slow to act. Sadly, misinformation and disinformation drives usage and is good for business.

+ In astounding test scientists revive damaged lungs for transplant [New York Times]

Researchers at Columbia and Vanderbilt resuscitated injured and damaged lungs from brain-dead people by attaching it to a respirator and connecting each lung to a large vein in the neck of a live pig to provide blood flow through the lungs. They were resuscitated within 24 hours. In the future, it may be possible for human patients to resuscitate their own transplant lung candidates in this manner.

+ For the first time human cartilage has been engineered in space [Science Alert]

On Earth, this was already possible via bioprinters but they require gravity to work. Using magnetism to replace gravity, a cosmonaut on the International Space Station was able to engineer human cartilage in microgravity. This will be important to be able to patch injuries on long-term space journeys. Fascinating.

+ Russian hackers have been accused of targeting Covid-19 vaccine researchers [MIT Technology Review]

Russian hackers targeted UK, US, and Canadian researchers developing coronavirus vaccines, according to a report from the United Kingdom, American, and Canadian intelligence services.

+ There's now an artificial cartilage gel strong enough to work in knees [Science Alert]

Scientists at Duke University have discovered a hydrogel that is both as soft and tough as our natural knee cartilage. This could result in less invasive knee replacement surgeries. It’s still another three years away from being able to be used in humans, but in all tests so far, it looks very promising.

Quote of the week

“It’s somewhat odd that criminals had significant access to Twitter’s back-end, and decided to only pull off a cryptocurrency scam,”

—Oz Alashe MBE, CEO of Cybsafe [Information Age]

Beware of scams on social media and I wish you a brilliant day ahead :)

Neeraj