Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Twitter Attack Was Work of Young Hacker Pals: NYT

Who hacked Twitter?

Who hacked Twitter?

Hackers involved in the high-profile hijacking of Twitter accounts earlier this week were young pals with no links to state or organized crime, The New York Times reported Friday.

The attack, which Twitter and federal police are investigating, started with a playful message between hackers on the platform Discord, a chat service popular with gamers, according to the Times.

The paper said it had interviewed four people who participated in the hacking, who shared logs and screenshots backing up their accounts of what happened.

“The interviews indicate that the attack was not the work of a single country like Russia or a sophisticated group of hackers,” the Times reported.

“Instead, it was done by a group of young people – one of whom says he lives at home with his mother – who got to know one another because of their obsession with owning early or unusual screen names, particularly one letter or number, like @y or @6.”

RelatedIndustry Reactions to Twitter Hack

The massive hack of high-profile users from Elon Musk to Joe Biden has raised questions about Twitter’s security as it serves as a megaphone for politicians ahead of November’s election.

“Based on what we know right now, we believe approximately 130 accounts were targeted by the attackers in some way as part of the incident,” Twitter said in a tweet.

Advertisement. Scroll to continue reading.

“For a small subset of these accounts, the attackers were able to gain control of the accounts and then send Tweets from those accounts.”

Posts trying to dupe people into sending hackers the virtual currency bitcoin were tweeted by the official accounts of Apple, Uber, Kanye West, Bill Gates, Barack Obama and many others on Wednesday.

Twitter said it appeared to be a “coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.”

– ‘Original Gangster’ accounts –

Fraudulent posts, which were largely deleted, said people had 30 minutes to send $1,000 in cryptocurrency bitcoin, promising they would receive twice as much in return.

More than $100,000 worth of bitcoin was sent to email addresses mentioned in the tweets, according to Blockchain.com, which monitors crypto transactions.

The young hackers interviewed by the Times said a mysterious user who went by the name “Kirk” initiated the scheme with a message and was the one with access to Twitter accounts.

They contended they were only involved in commandeering lesser-known Twitter accounts, particularly to swipe coveted short handles such as an “@” sign and single letters or numbers that could easily be sold, according to the report.

The young hackers maintained they stopped serving as middlemen for “Kirk” when high-profile accounts became targets.

Some hackers are “obsessed” with hijacking “Original Gangster” social media accounts staked out in the services’ early days that have short profile names, according to Brian Krebs of Krebs on Security.

“Possession of these OG accounts confers a measure of status and perceived influence and wealth in SIM swapping circles, as such accounts can often fetch thousands of dollars when resold in the underground,” Krebs said in a post.

Hackers involved in the attack on Twitter advertised account names at an OGusers.com website, asking for payment in bitcoin, according to the Times report.

RelatedHackers Used Internal Twitter Tools to Hijack High-Profile Accounts

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Jessica Newman has joined Sophos as General Manager of Global Cyber Insurance.

Breach and attack simulation solutions provider AttackIQ has appointed Pete Luban as Field Chief Information Security Officer.

Matthew Cowell has assumed the role of VP of Strategic Alliances at Nozomi Networks. He previously served in the same role at Dragos.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.