Privacy News Hackers exploit suspended & inactive Twitter accounts

Logethica

Logethica

Level 13
Thread author
Verified
Top Poster
Well-known
Jun 24, 2016
636
Hackers exploit suspended and inactive Twitter accounts:
SOURCE: ibtimes.com (ARTICLE DATE: 3 Sep 2016)

A hacker group has claimed to have discovered an exploit that allows them to seize and reactivate suspended and inactive accounts on Twitter. The group called "Spain Squad" was reportedly able to briefly reactivate accounts that were previously banned from the platform including @Hitler, @1337, @DarkNet, @LizardSquad and @Hell and take control of them with the hope of selling the infamous screennames to the highest bidder, Business Insider reports...

While handles such as @Hitler, @LizardSquad and @Hell were previously suspended by Twitter, other accounts like @AK47, @1337 and @megaupload have been inactive for a while. If an account is found violating Twitter's rules or terms of service by engaging in abusive activities such as spam, harassment, hateful conduct or promotion of violence, it may be "temporarily locked and/or subject to permanent suspension." Once suspended, there is usually no way of creating a new, separate account with the same screenname or reinstate it without the company's go-ahead.

If an account has been inactive for some time or abandoned by a user, the account isn't usually deleted by Twitter, basically rendering it unavailable for anyone else to claim.
"Suspended and deactivated usernames are not immediately available for use, so you'll need to select a different username," Twitter's support page on claiming certain usernames reads. "Unfortunately, these usernames cannot be released at this time."

Spain Squad, however, claimed that it could not only bring back suspended and inactive accounts, but change a user's Twitter handle, take control of another active account and even suspend it. The group even tweeted to notorious hacking collective PoodleCorpsaying "im going to change your @ to @skids okey?"

However, it has only reportedly demonstrated the exploit to reinstate officially suspended accounts.

"For sell @botnet @Hitler @darknet @LizardSquad @nazi @ak47 @bypass @Hell etc," the group tweeted on 2 September to try and sell the accounts on the platform, providing users with an email to contact them if interested..
[To read the full article please visit ibtimes.com]
 
Last edited by a moderator:
  • Like
Reactions: Andra Zaharia, Deleted Member 3a5v73x, safe1st and 7 others
O

Omnipotent

_CyberGhosT_ said:
I use mine every day, all of my Twitter content
is Security related, they can read that if they want :)
Click to expand...
This got me thinking.. This might be a little off-topic but, wouldn't having your security configuration posted on MalwareTips leave you vulnerable if someone was attempting to DOX/Infect your PC with malware? They would only have to code malware to bypass your whole security configuration. Preferably they would create some zero-day exploit and use social engineering to infect you. Maybe it would be a good idea to limit guests from viewing peoples security configuration.
 
  • Like
Reactions: Deleted Member 3a5v73x, safe1st, malis2007 and 6 others
SpartacusSystem

SpartacusSystem

Level 7
Verified
Well-known
Aug 6, 2015
306
xCharbz said:
This got me thinking.. This might be a little off-topic but, wouldn't having your security configuration posted on MalwareTips leave you vulnerable if someone was attempting to DOX/Infect your PC with malware? They would only have to code malware to bypass your whole security configuration. Preferably they would create some zero-day exploit and use social engineering to infect you. Maybe it would be a good idea to limit guests from viewing peoples security configuration.
Click to expand...

I wouldn't mind someone having a go, let's see how top their skills are.
 
  • Like
Reactions: SHvFl, Deleted Member 3a5v73x, DardiM and 6 others
Exterminator

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
Twitter account is inactive for well over a couple years.Facebook account is inactive also.No social media for me as it poses too much risk in employment and to family.

xCharbz said:
This got me thinking.. This might be a little off-topic but, wouldn't having your security configuration posted on MalwareTips leave you vulnerable if someone was attempting to DOX/Infect your PC with malware? They would only have to code malware to bypass your whole security configuration. Preferably they would create some zero-day exploit and use social engineering to infect you. Maybe it would be a good idea to limit guests from viewing peoples security configuration.
Click to expand...
I don't think a generic security configuration posted by a member with only a username would leave you vulnerable to a DOX infection.
It is distributed through infected websites,social networks,spam/infected emails or malicious websites.
Since this is not a malicious website with no ads and two-step verification I doubt you would be vulnerable here especially from a security configuration post.
As guests are unable to post replies or PM members they can only view a security configuration and although they can read a profile page and information about a member this information contains no personal information that could be used by a would be attacker.
 
Last edited:
  • Like
Reactions: Logethica, SHvFl, Deleted Member 3a5v73x and 5 others
O

Omnipotent

exterminator20 said:
Twitter account is inactive for well over a couple years.Facebook account is inactive also.No social media for me as it poses to much risk in employment and to family.


I don't think a generic security configuration posted by a member with only a username would leave you vulnerable to a DOX infection.
It is distributed through infected websites,social networks,spam/infected emails or malicious websites.
Since this is not a malicious website with no ads and two-step verification I doubt you would be vulnerable here especially from a security configuration post.
As guests are unable to post replies or PM members they can only view a security configuration and although they can read a profile page and information about a member this information contains no personal information that could be used by a would be attacker.
Click to expand...
Yes, MalwareTips is a safe website. But if you use the same username on every online account you have and someone is attempting to gather as much information about you, they stumble upon this website and see your whole security configuration. They would of already found your e-mail by then whilst doxing you, if the attacker has zero-day malware and your e-mail they could use social engineering and e-mail you something too good to be true, tricking you into clicking onto the website and getting infected by a drive by exploit that your anti-virus nor your anti-exploit program can detect. I know it sounds stupid, but some people that hate you can go that far. There are many undisclosed zero-day's sold on the black market. Over 50% fall victim to click-bait just like your news post. ;)
 
Last edited by a moderator:
  • Like
Reactions: Andra Zaharia, Logethica, SHvFl and 2 others
SpartacusSystem

SpartacusSystem

Level 7
Verified
Well-known
Aug 6, 2015
306
xCharbz said:
Yes, MalwareTips is a safe website. But if you use the same username on every online account you have and someone is attempting to gather as much information about you, they stumble upon this website and see your whole security configuration. They would of already found your e-mail by then whilst doxing you, if the attacker has zero-day malware and your e-mail they could use social engineering and e-mail you something too good to be true, tricking you into clicking onto the website and getting infected by a drive by exploit that your anti-virus nor your anti-exploit program can detect. I know it sounds stupid, but some people that hate you can go that far. There are many undisclosed zero-day's sold on the black market. Over 50% fall victim to click-bait just like your news post. ;)
Click to expand...

I do use the same username across many sites. :cool: I'm careful of what I post online also. They can gather all they want about the stuff I post! It's more or less, other people's content. :D
 
  • Like
Reactions: Logethica, SHvFl, Deleted Member 3a5v73x and 2 others
DardiM

DardiM

Level 26
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
May 14, 2016
1,597
xCharbz said:
Yes, MalwareTips is a safe website. But if you use the same username on every online account you have and someone is attempting to gather as much information about you, they stumble upon this website and see your whole security configuration. They would of already found your e-mail by then whilst doxing you, if the attacker has zero-day malware and your e-mail they could use social engineering and e-mail you something too good to be true, tricking you into clicking onto the website and getting infected by a drive by exploit that your anti-virus nor your anti-exploit program can detect. I know it sounds stupid, but some people that hate you can go that far. There are many undisclosed zero-day's sold on the black market. Over 50% fall victim to click-bait just like your news post. ;)
Click to expand...
You are talking about targeting. Most attacks are mass attacks (not Mars attacks :oops:), with a list of e-mails.
I think they don't need to know the configuration of people that are in this "big" list.
They just go "fishing", and wait for persons to fall into the trap.

If they target a member that posted its configuration, it can even stop them, they are often looking for facility, not for spending a lot of time for only one member, or this member should be a well known and/or an important person to be targeted :)

Some examples of messages :

In less than 7 days (copy and paste from a post in analysis) :
- Attached is the list of old office facilities that need to be replaced. Please copy the list into the purchase order form.

- Here is the travel expense sheet for your upcoming company field trip. Please write down the approximate costs in the attachment.

- Attached is the bank transactions made from the company during last month.

- Please file these transactions into financial record.

- Please sign the attached purchase of the office equipment. We will send you back the receipt afterward.
- Hello, as you requested, attached is the paycheck for your next months salary in advance.
=> my favourite :rolleyes:

An advice : We must always look at the e-mail of the sender :)
 
Last edited:
  • Like
Reactions: Logethica, SHvFl, Deleted Member 3a5v73x and 4 others
You must log in or register to reply here.

Similar threads

CyberTech
    • Like
    • Wow
    • Applause
Twitter will purge around 1.5 billion inactive accounts to free up usernames
Replies
6
Views
873
News Archive
monkeylove
monkeylove
Gandalf_The_Grey
    • Applause
    • Wow
    • +Reputation
Security News Ukraine arrests hackers trying to sell 100 million stolen accounts
Replies
0
Views
965
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Bot
    • Like
    • Wow
Security News Trezor's Twitter account hijacked by cryptocurrency scammers via bogus Calendly invite
Replies
0
Views
875
Security News
Bot
Bot

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top