
Twitter Hacking for Profit and the LoLs - feross
https://krebsonsecurity.com/2020/07/twitter-hacking-for-profit-and-the-lols/
======
site-packages1
Question about these hacked accounts: Why pay money for some account like this
when Twitter will presumably just return the account to the original holder?

And assuming I'm giving Twitter too much credit: How would one even start to
use a taken over account, assuming the new account has its own followers and
history, it's not as if one could just change identities and start posting
from a new account as oneself. It would be weird to ask all my friends to
start following a new account because I've switched accounts?

Sorry, I don't think I've ever really understood Twitter.

~~~
Rotdhizon
Your question holds the answer. It's very possible that any stolen account may
not be returned to the owner. 1 letter accounts are worth 5 figure dollar
amounts to people who are obsessed with online clout. Same goes for any other
major social platform. IG, snap, Xbox, playstation network, etc. Most of the
1-2 letter and short "OG" accounts on IG are all either bought, traded, or
stolen. Very, very few original owners exist in the space.

There are also techniques people use to boost the chances that the original
owners never get their account back. On Xbox for example, support looks at a
few specific pieces of account info and their previous entries that only the
real owner would know. So people just flood the account over and over and over
with filler info until all those original entries are gone and the original
owners suddenly have no ground to prove that they owned it. It's a vicious
game and I'll never understand why some people are so extremely desperate for
internet fame but there's a whole community based around it.

What another commenter said is also spot on. A majority of these accounts are
not owned by famous people, just random joes who got lucky or bought the
accounts on forums. Unless you are famous, these platforms do not care about
you. If you can't get your account back through the standard support options,
there's no special options (usually) for you to get help like famous people
have.

~~~
135792468
I’m a random joe who has one! I have a two letter twitter account that I’d
gladly sell for 5 figures if that were true. I get daily hack attempts and
blackmail threats often. Good times.

~~~
rozab
I'd love to read a blog post about that if you manage to do it

------
cflewis
He's doxxing people again that he _guesses_ are responsible, just like the
last article. It leaves a very bitter taste. He's not law enforcement. He
should be handing these personal details to the FBI for investigation, not
putting them on a souped-up-blog.

~~~
Eiriksmal
I've stopped clicking on any Krebs links after reading the comments about his
doxxing behavior last week. The thread is here:
[https://news.ycombinator.com/item?id=23865035](https://news.ycombinator.com/item?id=23865035)

The main article about it is here:
[https://itwire.com/security/infosec-researchers-slam-ex-wapo...](https://itwire.com/security/infosec-researchers-slam-ex-wapo-man-krebs-over-doxxing.html)

This brand of... journalism surely sees itself as one that keeps the world
safe, cflewis. Without brave vigilante journalists, who would give _other_
vigilantes the information needed to SWAT your house or mail you illegal
substances?

~~~
Nasrudith
All I see is pulling on the threads and crucially no judgement in the process
in a transparent passionless matter. The email tracing could have led to some
shmuck with a compromised or long inactive account co-opted after another
breach and he followed up on it instead of simply assuming guilt. The damn FBI
could learn tricks from him on proper investigation without assumptions
appears to be the goal more than trying to find what they want (incrimination
of some sort).

------
roland35
What concerns me the most is that if this recent attack was accomplished by
this outfit, it seems very likely state actors probably have infiltrated
Twitter and may be sitting on information a bit more subtly.

------
kanobo
It's been clear to me since their Failing Whale that Twitter is a reactionary
company compared to its peers, it will wait until something explodes before
they deeply address an issue. It makes for fun postmortems to read as an
outsider, but I would be embarrassed to work there tbh. I can't believe for a
company of their scale there were no safeguards in place already.

------
FDSGSG
>Known as “original gangster” or “OG” accounts

Krebs sounds pretty lost. Precisely nobody calls these "original gangster"
accounts besides some boomers from the media struggling to understand the
community.

