It was a very unpleasant Friday, at approximately 12:45 PM Pacific Standard Time, Twitter handle @jack – confirmed to be of Jack Dorsey’s (Twitter’s Chief Executive Officer) account, began sending out a series of highly inappropriate and notably disturbing tweets. They included a mix of racial slurs, obscenity, profanity, nazi-inclined campaigns, and even a bomb threat. This went on for a good 20-30 minutes before Twitter was able to successfully take them down. One account involved on the hack stands out – @taytaylov3r because of the tweets and retweets.
Some of the tweets included messages such as this –
“Hitler is innocent”
“nazi germany did nothing wrong.”
“bald skeleton head tramp”
It was a confirmed hacking incident, according to Twitter.
They were able to take control of the @jack account for about half an hour but there was no indication that the overall platform was compromised. Twitter has directly pointed its fingers to the mobile service provider, saying that their poor security services was to blame and that it highly attributed to the hack of Mr. Dorsey’s mobile phone and number.
To put it in perspective, Twitter claims that Mr. Dorsey’s mobile phone and mobile number was hacked using what’s called a SIM Swap Attack. Mobile phones and Telcos use SIM cards or Subscriber Identity Modules to verify and register themselves into the mobile cellular network. To assume control of another subscriber’s SIM card or mobile phone, a hacker will need to perform trickery or ultimately use digital interferences to be able to takeover the user’s mobile phone.
In this case, once the hacker is able to gain control, he can change the user’s password or account information by using 2FA (two-factor authentication), an additional layer of security in order for the system to verify that it’s the right user. This is similar to OTPs (One Time Passwords) being sent to your mobile device by the bank to authenticate you. The hacker will then intercept that 2FA message and authenticate himself on the network. That should give him the access he needs to do whatever he wishes on the account.
About the attacker/s, it seems several accounts are involved with coordinated efforts to perform this sensational intrusion. Hacking a high-profile and well-known individual to make sure that their efforts are noticed entirely. The group included the aforementioned account @taytaylov3r as one of the “contributors”. The attackers didn’t even bother to hide themselves as the offending tweets included a link to a discord server – an internet chatroom where twitter users spread the word about their latest “hacks” or “account takeovers”.
The group, allegedly called #ChucklingSquad due to their hashtag every time they perform a hacking or account takeover, has been blamed for a series of account takeovers over the last few months. There were other numerous victims, from YouTubers, PodCasters, and other online social media influencers. As of this writing, Twitter have officially banned and suspended all the users and accounts that have been found to be involved and assisting on the hack.
As for the bomb threat and tweets about extortion, Twitter, together with law enforcement agencies have looked into it and found the information to be a hoax and was only posted to gain mobile views and online audiences.