Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Twitter Attack Was Work of Young Hacker Pals: NYT

Who hacked Twitter?

Who hacked Twitter?

Hackers involved in the high-profile hijacking of Twitter accounts earlier this week were young pals with no links to state or organized crime, The New York Times reported Friday.

The attack, which Twitter and federal police are investigating, started with a playful message between hackers on the platform Discord, a chat service popular with gamers, according to the Times.

The paper said it had interviewed four people who participated in the hacking, who shared logs and screenshots backing up their accounts of what happened.

“The interviews indicate that the attack was not the work of a single country like Russia or a sophisticated group of hackers,” the Times reported.

“Instead, it was done by a group of young people – one of whom says he lives at home with his mother – who got to know one another because of their obsession with owning early or unusual screen names, particularly one letter or number, like @y or @6.”

RelatedIndustry Reactions to Twitter Hack

The massive hack of high-profile users from Elon Musk to Joe Biden has raised questions about Twitter’s security as it serves as a megaphone for politicians ahead of November’s election.

“Based on what we know right now, we believe approximately 130 accounts were targeted by the attackers in some way as part of the incident,” Twitter said in a tweet.

Advertisement. Scroll to continue reading.

“For a small subset of these accounts, the attackers were able to gain control of the accounts and then send Tweets from those accounts.”

Posts trying to dupe people into sending hackers the virtual currency bitcoin were tweeted by the official accounts of Apple, Uber, Kanye West, Bill Gates, Barack Obama and many others on Wednesday.

Twitter said it appeared to be a “coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”

– ‘Original Gangster’ accounts –

Fraudulent posts, which were largely deleted, said people had 30 minutes to send $1,000 in cryptocurrency bitcoin, promising they would receive twice as much in return.

More than $100,000 worth of bitcoin was sent to email addresses mentioned in the tweets, according to Blockchain.com, which monitors crypto transactions.

The young hackers interviewed by the Times said a mysterious user who went by the name “Kirk” initiated the scheme with a message and was the one with access to Twitter accounts.

They contended they were only involved in commandeering lesser-known Twitter accounts, particularly to swipe coveted short handles such as an “@” sign and single letters or numbers that could easily be sold, according to the report.

The young hackers maintained they stopped serving as middlemen for “Kirk” when high-profile accounts became targets.

Some hackers are “obsessed” with hijacking “Original Gangster” social media accounts staked out in the services’ early days that have short profile names, according to Brian Krebs of Krebs on Security.

“Possession of these OG accounts confers a measure of status and perceived influence and wealth in SIM swapping circles, as such accounts can often fetch thousands of dollars when resold in the underground,” Krebs said in a post.

Hackers involved in the attack on Twitter advertised account names at an OGusers.com website, asking for payment in bitcoin, according to the Times report.

RelatedHackers Used Internal Twitter Tools to Hijack High-Profile Accounts

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.