Twilio Hacked; 125 Employees’ Credentials Breached
Synchronized phishing SMS campaign has been the latest scamming weapon launched by criminal hackers against their victims. According to cyber security analysts, websites hacked by threat actors, who have infiltrated their network systems, suffered massive monetary losses amounting to billions of dollars annually.
Recently, Twilio became the victim of a phishing scam, where hackers targeted some of its employees in an SMS phishing scam. The latest hack reaped private credentials that were later utilized by criminals to access Twilio’s website. However, the stolen information in the related SMS phishing attack utilizes FIDO2-compliant hardware, which is specially assigned security keys for an additional layer of protection.
With quick intervention, the threat actors’ triumph was short lived, as after the hack was discovered Twilio alerted affected customers. Twilio quickly revoked compromised credentials to limit the dark web hackers’ access to its systems.
Additionally, the company in order to fight back against the criminals sent a coordinated demand asking tech firms that utilizes its software, to monitor their databases for similar attacks and delete all compromised accounts.
Twilio’s Database Security
Also, Twilio has the Cloudflare systems installed, and according to the company, the hackers’ attempts to utilize the stolen login credentials were quickly averted. Cloudflare’s hard key requirement prevents the threat actors to further distribute their harmful malware.
Twilio has revealed that it had been the target of another hacking campaign back in May 2021. In that hack, the company was a victim of the Codecov supply-chain assault, with this the dark web hackers were able to utilize the Codecov Bash Uploader tool to steal access passwords and secret keys.
Furthermore, Twilio’s security breach would have devastating consequences because the company owns Authy, the well-known two-factor authentication (2FA) provider. So far, the massive cloud communications company revealed that only 125 clients’ data was stolen during the latest security breach.
With the detected hack last week, it was also revealed that the hackers’ attempts were limited as the perpetrators’ action was quickly discovered, and affected Twilio customers were advised to delete the compromised accounts.
Twilio has now requested several USA mobile phone carriers to deactivate the breached accounts that the criminal hackers used in their phishing campaigns. However, it is expected that the threat actors can easily steal other SMS accounts. And as they do from the dark web, continue launching malicious phishing attacks on unsuspecting victims.