Teenager who lives at home with his mother in UK is ‘among hacking group behind Twitter attack’
Teenager, 19, who lives at home with his mother in UK is ‘among hacking group behind massive Twitter attack’
- Fresh details emerged in the massive security breach at Twitter on Wednesday
- Hackers targeted more than 130 accounts, many of them high-profile
- Attack originally began as an attempt to take over rare, coveted accounts
By Jack Wright and Joe Davies For Mailonline
Published: 08:37 EDT, 18 July 2020 | Updated: 09:04 EDT, 18 July 2020
One of the young hackers involved in the hijacking of over 130 Twitter accounts including those belonging to Barack Obama and Elon Musk this week is believed to be a British teenager who lives with his mother, according to reports.
An investigation by The New York Times has revealed that a 19-year-old who lives ‘at home in the south of England’ was approached to sell highly-coveted Twitter handles by a mysterious ringleader known by the moniker ‘Kirk’.
The teenager, known as ‘lol’, and another hacker called ‘ever so anxious’ acted as brokers for ‘Kirk’ and sold OG names – accounts which consist of a username and a single character or short word – for thousands of dollars.
‘lol’ and ‘ever so anxious’ claimed that ‘Kirk’ went rogue and started hijacking high-profile accounts after their initial scheme brought in thousands of dollars.
Although the user ‘lol’ did not confirm his real-world identity to The Times, he said that he lived on the West Coast and was in his 20s.
‘Ever so anxious’ said he was 19 and lived in the south of England with his mother.
‘lol’ denied to the Times working with ‘Kirk’ once he began attacking more high-profile accounts on Wednesday afternoon.
Accounts belonging to Joe Biden, Bill Gates, Barack Obama and Elon Musk were among those targeted, with the hackers posting messages on their accounts suggesting followers make ‘donations’ via Bitcoin.
Twitter CEO Jack Dorsey is seen above. Wednesday’s massive hack of the social media site was perpetrated by a group of young pals with no state ties, according to a new report
The group posted ads on the forum OGusers.com offering to sell ‘OG accounts’ for bitcoin
Twitter confirms 130 accounts were targeted in hack which went for some of the world’s most powerful including Barack Obama, Bill Gates and Elon Musk, as the FBI investigates
Twitter has confirmed that some 130 accounts were hacked during Wednesday night’s attack – the most serious breach of its security in history.
Joe Biden, Bill Gates, Barack Obama and Elon Musk were among those targeted, with the hackers posting messages on their accounts suggesting followers make ‘donations’ via Bitcoin.
Millions of followers were told that, that in the spirit of generosity, they would double anyone’s Bitcoin ‘for the next 30 minutes’.
Some were duped, sending Bitcoin payments and expecting a double return that never arrived.
The hack is now being investigated by Twitter and the FBI, with Twitter’s chief executive Jack Dorsey for the massive security breach.
It is thought that the attack – the work of young hijackers with no links to state or organised crime – is one of the biggest hacks in history.
Millions of followers were told that, that in the spirit of generosity, they would double anyone’s Bitcoin ‘for the next 30 minutes’. Some were duped, sending Bitcoin payments and expecting a double return that never arrived.
Cybersecurity experts were stunned by the startling revelation that Wednesday’s breach, unprecedented in scale for the social media site, had been executed by a group of young hackers, not a sophisticated state actor.
A separate investigation by researcher Brian Krebs and cybersecurity firm Unit 211B claims to have linked another Brit, a notorious hacker who goes by PlugWalkJoe, to the attack.
Hackers in the account hijacking forum OGusers boasted that they could access any Twitter account in the days before the hack, according to Business Insider – and had even offered selling access to accounts for as much as $3,000.
Two Twitter accounts, @shinji and @b, reportedly run by PlugWalkJoe, posted pictures of Twitter’s internal tools on the site shortly before the attack.
Citing a source who works in security at a US-based mobile carrier, Krebs traced @shinji and @b to PlugWalkJoe, which is known for SIM swapping attacks.
PlugWalkJoe is also linked with ChucklingSquad, the group allegedly behind the 2019 hacking of Twitter CEO Jack Dorsey. It is unclear if PlugWalkJoe was acting alone or with others.
The fraudulent posts, which were largely deleted quickly, said people had 30 minutes to send $1,000 in bitcoin, promising they would receive twice as much in return.
More than $100,000 worth of bitcoin was sent to email addresses mentioned in the tweets, according to Blockchain.com, which monitors crypto transactions.
Though ‘Kirk’ originally claimed to work for Twitter, ‘lol’ came to doubt the claim after seeing the damage he was willing to inflict on the company.
One hacker interviewed by the Times said he had heard rumours that ‘Kirk’ gained access to an internal Twitter Slack channel where he saw user credentials posted.
The attack affected high-profile accounts including former president Barack Obama
‘ever so anxious’ was able to gain control of the Twitter account he had long coveted, @anxious, which now displays his contact info in the bio, according to the Times
Experts warn hackers could swing elections, stock market and potentially start a WAR after Barack Obama, Joe Biden and Elon Musk accounts were hijacked in ‘biggest ever’ security breach
The Twitter security breach that allowed hackers to hijack the accounts of billionaires, politicians, celebrities and companies has sparked fears they could have wreaked havoc on the stock market, meddled in elections or even potentially started a war.
Barack Obama, Joe Biden, Jeff Bezos and Elon Musk were among the victims of the four-hour attack on Wednesday that saw hackers infiltrate Twitter’s internal systems and post bogus tweets from the high profile accounts asking people to send Bitcoin.
Publicly available blockchain records show that the scammers received more than $116,000 worth of cryptocurrency, which equates to 12.8 bitcoin, from over 300 people over the four-hour stretch.
Twitter described the hack as ‘social engineering’, which occurs when a hacker tricks someone into providing their login credentials.
While the hack is thought to be one of the largest in history, experts have warned that Twitter was ‘extremely lucky’ the hackers appeared to only be after money and that it ‘could have been much worse’.
The massive hack of high-profile users from Elon Musk to Joe Biden has raised questions about Twitter’s security as it serves as a megaphone for politicians ahead of November’s election.
‘Based on what we know right now, we believe approximately 130 accounts were targeted by the attackers in some way as part of the incident,’ Twitter said in a tweet.
‘For a small subset of these accounts, the attackers were able to gain control of the accounts and then send Tweets from those accounts.’
Posts trying to dupe people into sending hackers the virtual currency bitcoin were tweeted by the official accounts of Apple, Uber, Kanye West, Bill Gates, Barack Obama and many others on Wednesday.
Twitter said it appeared to be a ‘coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.’
The young hackers maintained they stopped serving as middlemen for ‘Kirk’ when high-profile accounts became targets.
Some hackers are ‘obsessed’ with hijacking ‘Original Gangster’ social media accounts staked out in the services’ early days that have short profile names, according to Brian Krebs of Krebs on Security.
‘Possession of these OG accounts confers a measure of status and perceived influence and wealth in SIM swapping circles, as such accounts can often fetch thousands of dollars when resold in the underground,’ Krebs said in a post.
‘An incident such as this could have extraordinary serious consequences – manipulation of the markets, disinformation relating to an election, etc,’ Brett Callow, a threat analyst at cybersecurity firm Emsisoft, told DailyMail.com.
‘However, in this case, reporting suggests that the hack was carried out by a group of young people who may have done nothing worse than execute a bitcoin scam. Twitter got lucky.’