By Dave McKay | July 18, 2020
Where’s Captain Kirk?
Four participants in the Twitter hack that breached high-profile and verified Twitter accounts in a Bitcoin grabbing scam have given interviews to the New York Times.
Their stories suggest that this was not an attack from a state-sponsored offensive cyber division, nor the work of organised crime. It was a group of 19 and 20 year olds who met online on a website/forum ostensibly for people who like to get in first on new platforms and register unusual, significant, or very short user names, (yes, that’s a thing), but actuall a website dedicated to hijacking accounts.
A user called Kirk contacted two members of that website, lol and ever so anxious, and demonstrated to them that he had access to the secure back-end of Twitter.
Allegedly, Kirk got access to the keys of the Twitter kingdom by gaining membership of the Twitter staff Slack messaging channel and saw the required credentials pinned there. Investigators say that ties in with what they have found. Twitter has declined to comment. Convinced by what he showed them, they enrolled into his scheme.
Their first attacks were the theft of prized Twitter handles, which lol and ever so anxious then sold on behalf of Kirk. Then Kirk started Tweeting from compromised, high-profile accounts, asking the followers of those accounts to send in Bitcoin which would be repaid doubled.
Twitter finally managed to wrest back control and forcibly stopped the fake Tweets. The write-up in the NYT is long, but worth the time to read.
Source: New York Times