How did Twitter’s hackers do it? Here’s one likely explanation

Cybersecurity experts are speculating about the cause of a spate of high-profile Twitter hijackings that rocked the social media giant on Wednesday.

The accounts of many of Twitter’s most prominent users including former Vice President Joe Biden, Tesla CEO Elon Musk, and Microsoft co-founder Bill Gates posted fraudulent tweets intended to lure people into Bitcoin-related scams.

Early theories about what went wrong suggested the work of SIM swapping, a hacking technique that involves taking over phone numbers linked to online accounts. Last year, a hacker group employed the method to commandeer Twitter CEO Jack Dorsey’s personal Twitter account.

While the technical details of the latest breach remain unclear, the growing consensus is that Twitter—the company, rather than individual users impacted—succumbed to a major hack. The leading theory is that hackers gained access to an internal tool—an administrative “panel” used by Twitter employees to manage people’s accounts—to conduct the breach.

Screenshots of the purported panel circulated online in the aftermath of the hacking, as Vice Motherboard reported. Twitter has deleted the images, saying they violate the company’s rules about sharing “private, personal information” in tweets.

A source with intimate knowledge of the company’s internal workings told Fortune this theory was the likeliest explanation for the widespread account hijackings. The individual requested anonymity because of a lack of authorization to speak to press.

“Think of this like a web form,” the source said, describing Twitter’s technical infrastructure. Such tools enable the company’s engineers to handle key operations—everything from account suspensions to advertising campaigns.

But these tools can also allow an attacker—such as a rogue, hacked or otherwise compromised insider—to “come in sideways” and send a tweet from any account, the source said.

Twitter did not respond to Fortune’s questions about the hack, and instead pointed to its public comments. In those comments, the company described the event as “a security incident” and said it had temporarily disabled tweets and password resets by “verified” accounts while attempting to regain control, an unprecedented measure.

It’s unclear who’s behind the hacking. The perpetrators may have been at least partly motivated by money, given their public posts requesting that Twitter users send them cryptocurrency.
