Hackers involved in the Twitter breach said it started as a quest for cool usernames. Then one member of the group began going after cryptocurrency companies, Jeff Bezos, and Kanye West. w/ @nathanielpopper https://www.nytimes.com/2020/07/17/technology/twitter-hackers-interview.html
Here's what we know: Someone going by the name Kirk got access to Twitter's internal dashboard. He claimed to be a Twitter employee, but later claimed he hacked into Twitter's Slack channel and found login credentials pinned there.
Kirk gathered a team of middlemen and began selling OG usernames. The first account we identified was @y, which they sold for about $1,500 in bitcoin. Prices escalated throughout the day to tens of thousands of dollars.
Then it seems like Kirk realized he could do more with his unfettered control over Twitter accounts. Using the same bitcoin wallet from earlier in the day, he set up a scammy website, then started tweeting a link to it from accounts belonging to crypto companies.
From there, he moved on to celebrity accounts, like Jeff Bezos, Elon Musk and Kanye West. Twitter finally managed to lock him out, but only by shutting down tweets from all verified users.
Funnily enough, some of his middlemen claimed to be asleep when all this action was taking place! One of them provided screenshots of texts with his girlfriend, saying he was going to take a nap, to corroborate his story.
When he woke up, Kirk was gone. He'd made off with about $180,000 in bitcoin. Here's our updated story with all the details: https://www.nytimes.com/2020/07/17/technology/twitter-hackers-interview.html
Update from Twitter: Attackers could tweet from 45 of the 130 accounts they targeted. For 8 accounts, they downloaded full archive data. https://blog.twitter.com/en_us/topics/company/2020/an-update-on-our-security-incident.html
This is the kind of content that sits in the full archive. A potential disaster if this was taken from the Obama or Biden accounts, and a huge embarrassment if it was taken from Bezos or Musk.