Last Friday, threat actors compromised the Twitter account of the social media platform’s very own CEO Jack Dorsey and used it to send out a string of vulgar and racist tweets, including a bomb threat regarding Twitter’s headquarters. After 18 minutes Twitter managed to recover the account and assured users that there were no signs of its systems getting breached.
The social media firm later stated that “the phone number associated with the account was compromised due to a security oversight by the mobile provider,” allowing the attacker to “compose and send tweets via text message from the phone number.” According to Atherton Research the hackers pulled off a SIM-swap attack by convincing a customer support representative at AT&T, the provider in question, to port Dorsey’s number to a different SIM. The attackers then used the Twitter-owned service Cloudhopper to send tweets from Dorsey’s account via text messages. This was possible because Cloudhopper doesn’t adequately verify the identity of the person using the service. While the threat actors didn’t take complete control over Dorsey’s account, the SIM swap put them in a position to do so by resetting the password.
Read more: Why Twitter Blames AT&T For The Hack Of Its CEO Jack Dorsey Account, Sending Shocking Racist Tweets