Do we know for sure that the admin tools can do all this? My understanding was that the tools enabled password resets, which allowed the attackers to tweet from the accounts themselves.
> For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets.
[1]: https://github.com/tpope/vim-surround