Don’t Be Naive: Obama/Biden “Twitter Hack” Not What It Seemed


I’m betting that the recent Twitter hack of prominent political and celebrity Twitter accounts was politically motivated and nation-state operated. But that’s not what “the investigators” say. And that false narrative could have massive implications for your privacy. Here’s the background in a nutshell:

Approximately 130 high-profile Twitter accounts were hacked on July 15 in what the company is calling a “coordinated social engineering attack”.  Victims included politicians like Barack Obama and Joe Biden, heads of mega companies like Tesla CEO Elon Musk, Amazon CEO Jeff Bezos and Microsoft CEO Bill Gates, and company accounts like Apple and Uber. Ironically, Donald Trump’s account has “extra security” protecting it from access, which begs the question, why don’t we all get added security if it’s possible?

Using various angles (“feeling grateful”, “giving back to my fans”…), hackers posted tweets on the compromised accounts saying that if followers sent Bitcoin to a wallet address then they would receive double the amount in return. No one falls for those scams anymore, right? At least 363 transactions occurred and the account received more than $118,000 in just a few hours. 

Investigators believe the people behind the twitter hack appear to have come from the “OG” community, a group interested in original, short Twitter handles such as @a, @b or @c, for instance. It is thought that they worked with at least one Twitter employee to gain access to an internal tool that allows staff to change email addresses associated with accounts; the hackers were able to reset the passwords of 45 of the accounts. The OG Community is not known to be tied to any nation state and their motivation is supposedly a mix of financial gain, hacker bragging rights, and disruption. So let me get this straight:

Experts are saying that cybercriminals got their hands on the Twitter accounts of 45 of the most powerful people on the planet and the best they could come up with was a tired Bitcoin scheme that made them $118,000? That’s pocket change to cybercriminals, and might be the lamest attribution for a hack I’ve ever heard. 

The key words above are “The OG Community is not known to be tied to any nation state” which is exactly why a nation-state like Russia would use technological tools like TOR’s Onion Router and trumped up OG user accounts to hide behind a plausible, alternative hacking group that would take the attention off of the real motivation. I can’t tell you how many historical cyberattacks I have seen that have been digitally disguised behind a highly-attractive alternative reality. 

Here is a fundamental law of cyberattacks: Hacker attribution (who actually performed the hack) and hacker motivation (why the hack was performed), is an exceptionally difficult puzzle to solve, and often manipulates outsiders in exactly the opposite direction. 

Twitter says no passwords were stolen, but they have not yet been able to confirm whether direct messages were compromised. I’m guessing that it will come out down the road that both passwords and direct messages were compromised. That’s how the corporate publicity machine works: the first message claims little damage and the truth comes out subsequently when we have all stopped paying attention (e.g., Target, Equifax, Marriott…).

So What Was the Point of the Twitter Hack – $118,000? NOT!

Clearly, nation-states don’t need $118,000 in Bitcoin, right? The twitter hack was simply a dry run for political disinformation attacks, cyber blackmail and campaign IP eavesdropping that will manifest closer to our presidential election. Nation-states that have a horse in the U.S. presidential race were testing the waters and covering their tracks by pointing to a plausible alternative explanation.

Yes, this hack raises questions about Twitter’s ability to secure its service against election interference and misinformation ahead of the U.S. presidential election, but those questions have existed for at least four years now. It also threatens the confidentiality and privacy of direct messages sent through Twitter; incredibly powerful information in the race for power. Politicians, business leaders and individuals alike should migrate their private messages to apps like Signal or even the less secure but better than Twitter option of Apple Messages. 

John Sileo is a cybersecurity expert, award-winning author and media personality as seen on 60 Minutes, Anderson Cooper and Fox & Friends. He keynotes conferences virtually and around the world and is the CEO of The Sileo Group, a technology think tank based in Colorado