Be careful, do not use the link on their account at the moment.
I messaged CEO + CTO and posted on the forum. This attack seems very targeted; it only started after everyone is offline, and the fake website was well done.
I'm waiting for confirmation that nothing else was breached in Fly.
tptacek•4mo ago
We know, we knew within 45 seconds of it happening, we know exactly how it happened, the impact is limited to this dumb Twitter account, the last bits of resolving this involve working X.com, we'll say more later.
SpaYco•4mo ago
Glad to hear it's limited.
8cvor6j844qw_d6•4mo ago
Do we need to rotate env vars and change passwords too, or is it limited to those that logged into the fake website?
tptacek•4mo ago
Nothing happened to our website. This is just a Twitter thing.
8cvor6j844qw_d6•4mo ago
Gotcha, thanks. Got worried for a second when I saw the screenshot of the website in the post.
tptacek•4mo ago
That's a link from an unauthorized tweet made up to look like our website.