Twitter has confirmed the series of cryptocurrency-related hackings on its platform originated from a third-party software provider – and not its own system.

In an email to Hard Fork, a Twitter spokesperson confirmed attackers exploited a third-party marketing solution to blast fake Bitcoin giveaway links from a slew of verified accounts, including Google and Target.

Twitter refrained from naming the app in question.

The confirmation comes only days after a number of high-profile public figures and brands – including Google and retail giant Target – got their accounts breached to propagate malicious cryptocurrency giveaway links.

While Target initially suggested attackers had inappropriately accessed its Twitter account to push the Bitcoin scam to its almost two-million audience, it later backtracked its statement.

Contrary to its previous statements, the retailer clarified that hackers never directly accessed its Twitter account. Rather, Target told Hard Fork the hackers managed to post the malicious tweets by leveraging a third-party marketing app, authorized to post content on Target’s behalf.

The confirmation the hackings originated from a third-party app explains how the attackers managed to run the Bitcoin giveaway scam at such a large scale – and in such an organized manner.

Earlier this week, Twitter told Hard Fork it is working closely with affected companies in order to resolve the situation. Ironically, moments later Google’s G Suite account posted a malicious Bitcoin giveaway link.