Twitter Security

Romana

The Timeless Child
Joined
Sep 21, 2018
Messages
2,110
SL Rez
2010
I saw a tweet that the hackers had already collected something like $100K? How can people be that gullible? Like any of those famous people would use Bitcoin for their philanthropy? And require money be sent to them first? Maybe Elon Musk, because he's just so weird anyway. But anyone else?
Really, WTF?
 

Noodles

Queen of Ramen
Joined
Sep 20, 2018
Messages
727
Location
Illinois
SL Rez
2006
Joined SLU
04-28-2010
SLU Posts
6947
This is bad for Twitter but also just speaks to how much Crypto Currency is a big fat scam in general. You can't even reverse those transactions to get your money back.
 

Sid

One can't have enough coffee breaks.
VVO Supporter 🍦🎈👾❤
Joined
Sep 20, 2018
Messages
3,359
Location
Limburg, NL
SL Rez
2007
Joined SLU
Yes
I never had a Twitter account, but for now I will even stop clicking on Twitter posts here.
If the company can't guarantee that the tweets come from the real account holder..... nah.

Before you know it, someone is posting bullshit on the 45 account, and no one will ever notice the difference.
 
Last edited:
  • 1Like
  • 1ROFL
Reactions: Govi and bubblesort

Free

10K under the hat
VVO Supporter 🍦🎈👾❤
Joined
Sep 22, 2018
Messages
10,782
Location
Underground in America
SL Rez
2008
Joined SLU
2009
SLU Posts
55565

Free

10K under the hat
VVO Supporter 🍦🎈👾❤
Joined
Sep 22, 2018
Messages
10,782
Location
Underground in America
SL Rez
2008
Joined SLU
2009
SLU Posts
55565
A Twitter insider was responsible for a wave of high profile account takeovers on Wednesday, according to leaked screenshots obtained by Motherboard and two sources who took over accounts.

[...]

"We used a rep that literally done all the work for us," one of the sources told Motherboard. The second source added they paid the Twitter insider. Motherboard granted the sources anonymity to speak candidly about a security incident. A Twitter spokesperson told Motherboard that the company is still investigating whether the employee hijacked the accounts themselves or gave hackers access to the tool.

The accounts were taken over using an internal tool at Twitter, according to the sources, as well as screenshots of the tool obtained by Motherboard. One of the screenshots shows the panel and the account of Binance; Binance is one of the accounts that hackers took over today. According to screenshots seen by Motherboard, at least some of the accounts appear to have been compromised by changing the email address associated with them using the tool.
 
  • 1Wow!
Reactions: Sid

Free

10K under the hat
VVO Supporter 🍦🎈👾❤
Joined
Sep 22, 2018
Messages
10,782
Location
Underground in America
SL Rez
2008
Joined SLU
2009
SLU Posts
55565
The bad news: Twitter has now revealed that the attackers may indeed have downloaded the private direct messages (DMs) of up to 8 individuals while conducting their Bitcoin scam, and were able to see “personal information” including phone numbers and email addresses for every account they targeted.

That’s because Twitter has confirmed that attackers attempted to download the entire “Your Twitter Data” archive for those 8 individuals, which contains DMs among other info.
 
  • 1Thanks
Reactions: Sid

bubblesort

Active member
Joined
Nov 16, 2018
Messages
339
I never had a Twitter account, but for now I will even stop clicking on Twitter posts here.
If the company can't guarantee that the tweets come from the real account holder..... nah.

Before you know it, someone is posting bullshit on the 45 account, and no one will ever notice the difference.
If Trump starts tweeting in complete sentences, with good grammar and punctuation, then we know it's not really him. The only way to impersonate Trump tweets would be to feed it through a Russian translator, then an English translator, then a malfunctioning autocorrect.
 
  • 1LOL
Reactions: Sid

Chalice Yao

The Purple
Joined
Sep 20, 2018
Messages
249
Location
Somewhere Purple, Germany
SL Rez
2007
Joined SLU
Dec 2007
SLU Posts
9108

TL;DR:
It was bored 20-somethings. Oh, and one of them made about 180k in Bitcoin off this by selling accounts.

EDIT:
Oh, I forgot the cream on top here:
Mr. O'Connor said other hackers had informed him that Kirk got access to the Twitter credentials when he found a way into Twitter’s internal Slack messaging channel and saw them posted there, along with a service that gave him access to the company’s servers.
 
Last edited:

Romana

The Timeless Child
Joined
Sep 21, 2018
Messages
2,110
SL Rez
2010
If Trump starts tweeting in complete sentences, with good grammar and punctuation, then we know it's not really him. The only way to impersonate Trump tweets would be to feed it through a Russian translator, then an English translator, then a malfunctioning autocorrect.
What's needed is the opposite of autocorrect-- an autofail, perhaps?
 
  • 1LOL
  • 1ROFL
Reactions: bubblesort and Sid

Chalice Yao

The Purple
Joined
Sep 20, 2018
Messages
249
Location
Somewhere Purple, Germany
SL Rez
2007
Joined SLU
Dec 2007
SLU Posts
9108
Oh God, it gets worse.


More than 1000(!) Twitter Employees have (or had) access to the tools to modify User Accounts. Including some contractors.
 

Free

10K under the hat
VVO Supporter 🍦🎈👾❤
Joined
Sep 22, 2018
Messages
10,782
Location
Underground in America
SL Rez
2008
Joined SLU
2009
SLU Posts
55565
Maybe post this in the Florida Man thread?

Early this morning, the FBI, IRS, US Secret Service, and Florida law enforcement placed a 17-year-old in Tampa, Florida, under arrest — accusing him of being the “mastermind” behind the biggest security and privacy breach in Twitter’s history, one that took over the accounts of President Barack Obama, Democratic presidential candidate Joe Biden, Bill Gates, Elon Musk, and more to perpetrate a huge bitcoin scam on July 15th.

The teen is currently in jail, being charged with over 30 felony count, including organized fraud, communications fraud, identity theft, and hacking, according to Hillsborough State Attorney Andrew Warren in a just-broadcast news conference describing the arrest.

It’s not clear whether the 17-year-old is the only suspect in the case. “I can’t comment on whether he worked alone,” said Warren. He was arrested at his apartment where he lives by himself, authorities stated.
 
  • 1Thanks
Reactions: Isabeau