AGL 8.30 Decreased By ▼ -0.03 (-0.36%)
ANL 10.95 Increased By ▲ 0.25 (2.34%)
AVN 79.70 Increased By ▲ 1.51 (1.93%)
BOP 5.75 Increased By ▲ 0.18 (3.23%)
CNERGY 5.64 Increased By ▲ 0.26 (4.83%)
EFERT 79.36 Increased By ▲ 0.71 (0.9%)
EPCL 67.48 Decreased By ▼ -0.31 (-0.46%)
FCCL 14.89 Increased By ▲ 0.39 (2.69%)
FFL 6.70 Increased By ▲ 0.10 (1.52%)
FLYNG 7.16 Increased By ▲ 0.13 (1.85%)
GGGL 11.60 Increased By ▲ 0.26 (2.29%)
GGL 17.51 Increased By ▲ 0.27 (1.57%)
GTECH 8.35 Increased By ▲ 0.05 (0.6%)
HUMNL 7.17 Increased By ▲ 0.11 (1.56%)
KEL 3.14 Increased By ▲ 0.06 (1.95%)
LOTCHEM 35.20 Increased By ▲ 2.33 (7.09%)
MLCF 28.35 Increased By ▲ 0.05 (0.18%)
OGDC 87.70 Increased By ▲ 3.15 (3.73%)
PAEL 16.63 Increased By ▲ 0.18 (1.09%)
PIBTL 6.05 Increased By ▲ 0.20 (3.42%)
PRL 19.46 Increased By ▲ 1.34 (7.4%)
SILK 1.14 No Change ▼ 0.00 (0%)
TELE 11.41 Increased By ▲ 0.31 (2.79%)
TPL 9.20 Increased By ▲ 0.20 (2.22%)
TPLP 20.25 Increased By ▲ 0.37 (1.86%)
TREET 27.10 Increased By ▲ 0.48 (1.8%)
TRG 96.20 Increased By ▲ 1.70 (1.8%)
UNITY 20.85 Increased By ▲ 0.48 (2.36%)
WAVES 13.90 Increased By ▲ 0.27 (1.98%)
WTL 1.34 Increased By ▲ 0.03 (2.29%)
BR100 4,275 Increased By 67 (1.59%)
BR30 15,794 Increased By 348.3 (2.26%)
KSE100 42,872 Increased By 628.4 (1.49%)
KSE30 16,219 Increased By 247.6 (1.55%)
Markets

Before hack tore through Twitter, online forum offered accounts for sale

  • For $250 in digital currency, the seller promised they’d reveal the email linked to a Twitter account. And for $2,500, the buyer would get the account itself - satisfaction guaranteed.
Published July 17, 2020

Before a hacking campaign tore through Twitter and compromised some of its most high-profile users, an ad went up on a gray market site that facilitates the trade of user accounts for many popular websites including Twitter.

For $250 in digital currency, the seller promised they’d reveal the email linked to a Twitter account. And for $2,500, the buyer would get the account itself - satisfaction guaranteed.

“You will be given a full refund if for any reason you aren’t given the email/@,” the poster said, describing the Twitter account with an @ sign.

The ad, a screenshot of which was provided to Reuters by Hudson Rock, an Israeli company that monitors online forums for stolen credentials and breached data, was an early indication that all was not well at Twitter, a company which is still reeling from the hijacking of a slew of VIP accounts, including those belonging to reality TV star Kim Kardashian, Amazon.com founder Jeff Bezos, and Microsoft co-founder Bill Gates.

Although the details are still coming into focus - and Twitter and the FBI are still investigating - the fact that early word of the hack spread on a forum popular with gamers and Instagram account swappers suggests the incident likely had a nexus with low-level cybercrime rather than nation state-level subterfuge.

“This doesn’t look like a particularly sophisticated hacking group,” said Roi Carthy, the chief executive of Hudson Rock.

An administrator at OGUsers, the account trading forum, confirmed the screenshot was authentic, telling Reuters the user selling the ad - named “chaewon” - was suspended once those that ran the site realized what was happening.

He said his site - whose users particularly treasure accounts with one- or two-character handles, dubbed “OGs” - explicitly bans trafficking in hacked credentials.

In theory, social media companies like Twitter and Instagram ban the sale of accounts no matter how they are acquired, but the administrator said internet firms “pick and choose when to enforce that rule” and the practice was widely tolerated.

Other researchers saw similar chatter about access to a Twitter tool for changing account settings, and they noted the earliest reported hacks Wednesday were of short Twitter handles, like @6.

Only afterward were accounts for bitcoin exchanges and celebrities hacked, said Allison Nixon, chief research officer at security consultancy Unit 221B.

“When you have these less professional criminal groups, you see chaotic outcomes,” said Nixon, who tracked down and preserved private chats in the Twitter hack. “One member might stumble across a powerful hack, and it spirals out of control. That’s probably what happened here.”

Comments

Comments are closed.