Bitcoin Forum
November 11, 2024, 08:23:30 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: [2020-08-01] How the FBI tracked down the Twitter hackers  (Read 378 times)
snipie (OP)
Legendary
*
Offline Offline

Activity: 3332
Merit: 1141


DGbet.fun - Crypto Sportsbook


View Profile WWW
August 01, 2020, 03:06:16 PM
 #1

A timeline of the Twitter hack composed from court documents published today.
After earlier today US law enforcement charged three individuals for the recent Twitter hack, with the help of court documents released by the DOJ, ZDNet was able to piece together a timeline of the hack, and how US investigators tracked down the three suspected hackers.

The article below uses data from three indictments published today by the DOJ against:

Mason Sheppard, aka "Chaewon," 19, of Bognor Regis, in the United Kingdom [indictment].
Nima Fazeli, aka "Rolex," 22, of Orlando, Florida [indictment].
Graham Ivan Clark, believed to be "Kirk," 17 of Tampa, Florida [indictment, courtesy of Motherboard]....
https://www.zdnet.com/article/how-the-fbi-tracked-down-the-twitter-hackers/

o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18746


View Profile
August 01, 2020, 04:03:51 PM
 #2

Lol, these kids weren't smart.

They used the same email addresses to hijack twitter accounts as they used to create Coinbase accounts, which they then verified by uploading copies of their driver's licenses. They also linked addresses from said Coinbase accounts to their OGUsers and Discord aliases, and logged in to all the services via the same IP addresses. Obviously, Coinbase handed over everything to law enforcement, including names, addresses, emails, dates of birth, copies of KYC documents, addresses, and transaction histories.

People need to learn that anything that touches a centralized exchange is immediately and completely de-anonymized, linked to your real life identity, and shared with dozens of third parties.
snipie (OP)
Legendary
*
Offline Offline

Activity: 3332
Merit: 1141


DGbet.fun - Crypto Sportsbook


View Profile WWW
August 01, 2020, 05:07:53 PM
 #3

-snip-
I am worried that newbies hackers managed to do all of this, leaving tons of mistakes that leads to them. I mean if those can do this then what about hardcore hackers but also those mistakes will make other newbie hackers learn from it and be more careful, so it will get harder to spot them...

target
Legendary
*
Offline Offline

Activity: 2282
Merit: 1041


View Profile
August 01, 2020, 07:16:41 PM
 #4


-snip-
I am worried that newbies hackers managed to do all of this, leaving tons of mistakes that leads to them. I mean if those can do this then what about hardcore hackers but also those mistakes will make other newbie hackers learn from it and be more careful, so it will get harder to spot them...

Also wonder why they made this public. Its not good. The story says the two hacker are just hiredt it would appear they can bargain they way out.

Its still entertaining to think how they made the popular users look funny especially targeting Bill Gates and Justin Sun, but it got awful when they used it to scam. 
Its all just to monetize their access to twitter, they could have just got away with it if they just continue to sell accounts than aiming for this giveaway scam thru those high profile accounts.
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18746


View Profile
August 02, 2020, 11:39:52 AM
 #5

I am worried that newbies hackers managed to do all of this, leaving tons of mistakes that leads to them.
True. When a careless 17 year old manages to break in to a huge tech company like Twitter, it goes to show just how lax their security practices are. We often see hacks and breaches of crypto companies being made a big deal of on this forum - Ledger's data breach, Binance's data breach, various exchanges and web wallets being hacked for funds, lists of email addresses from ICOs and airdrops being sold, and so on. What a lot of people forget is that such data breaches are commonplace throughout the entire internet, and that even massive tech companies often have terrible security. Google stored passwords in plain text for 14 years. 50 million Facebook accounts were compromised in 2018. Just today an unpatchable exploit to Apple's Secure Enclave has been revealed, meaning an attacker can potentially decrypt and steal all your information and data.

This is why it is so important that people take their privacy and security seriously.

Its all just to monetize their access to twitter, they could have just got away with it if they just continue to sell accounts than aiming for this giveaway scam thru those high profile accounts.
It seems Twitter only picked up on it after they flooded many famous accounts with their bitcoin scam. Given that, it could have been much worse. They could have read or sent private messages to and from world leaders, or tweeted as various CEOs. Remember how much TSLA stock fell when Musk tweeted he thought it was overpriced?
Lucius
Legendary
*
Offline Offline

Activity: 3416
Merit: 6149


Crypto Swap Exchange🈺


View Profile WWW
August 02, 2020, 12:16:51 PM
 #6

This is why it is so important that people take their privacy and security seriously.

The only way not to expose your privacy is not to use such social platforms at all - because most of hacked accounts had maximum security settings (if 2FA can be called that), but some not-so-intelligent kids out there played tricks on them. And while the world is now having fun with how the FBI and others have caught hackers, no one is asking how it is possible for Twitter to hire people who have no idea what they are doing?

Hackers are successful because they are allowed to do so by people who are obviously not experts in security issues - but such people come at a price, which leads us to conclude that some large companies would rather hire 5 average experts than one top expert.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18746


View Profile
August 02, 2020, 03:26:01 PM
 #7

The only way not to expose your privacy is not to use such social platforms at all - because most of hacked accounts had maximum security settings (if 2FA can be called that)
Exactly. If you think unchecking a few boxes or changing a few options in Google's or Facebook's settings pages is doing anything meaningful you are kidding yourself. Your data is being harvested, aggregated, stored, transferred, shared, and sold by these companies, and often also leaked or hacked, regardless of what settings you have chosen. The only way to maintain privacy is to stop using them. I'm particularly glad I grew up and developed some sense long before any social media existed. It's a shame for the kids of today, who by the time they realize how important their privacy is, already have their lives splashed across every corner of the internet.

no one is asking how it is possible for Twitter to hire people who have no idea what they are doing?
It's the same everywhere. I have around 10 different software packages I use regularly at work, and they all require a mandatory password change every month. We are not allowed to use a password manager or a physical device such as a USB. What this means is that everyone either uses the same password for everything and simply changes a single digit on the end each month or appends the first three letters of the month, or they write all their passwords down in a notebook or similar which they carry around with them, since we are logging in and using PCs across the whole hospital every day. You point out to the IT department how terrible this is for security, but they don't listen.
bL4nkcode
Copper Member
Legendary
*
Offline Offline

Activity: 2142
Merit: 1307


Limited in number. Limitless in potential.


View Profile
August 02, 2020, 07:47:35 PM
 #8

I was really amazed at how these kids able to do the hacking using some social engineering methods but in the end, such a good laugh for how one of them used the same email address to register on a centralized exchange and they used on their illegal activity. By their move, they even don't know that such a bitcoin mixer exists.
snipie (OP)
Legendary
*
Offline Offline

Activity: 3332
Merit: 1141


DGbet.fun - Crypto Sportsbook


View Profile WWW
August 02, 2020, 07:56:45 PM
 #9

-snip-
By their move, they even don't know that such a bitcoin mixer exists.
Sad part they know bitcoin mixers do exist and they already used it to mix ~half of their illegal money. But they aren't clever enough to avoid stupid mistakes like o_e_l_e_o said!

hatshepsut93
Legendary
*
Offline Offline

Activity: 3038
Merit: 2161


View Profile
August 02, 2020, 08:00:35 PM
 #10

Lol, these kids weren't smart.

They used the same email addresses to hijack twitter accounts as they used to create Coinbase accounts, which they then verified by uploading copies of their driver's licenses. They also linked addresses from said Coinbase accounts to their OGUsers and Discord aliases, and logged in to all the services via the same IP addresses. Obviously, Coinbase handed over everything to law enforcement, including names, addresses, emails, dates of birth, copies of KYC documents, addresses, and transaction histories.

People need to learn that anything that touches a centralized exchange is immediately and completely de-anonymized, linked to your real life identity, and shared with dozens of third parties.

I just can't wrap my mind around how can these kids be smart enough to hack Twitter, yet dumb enough to reuse emails and leave trail to their social profiles. It's almost like during this entire thing they not once have though "how do I not get caught"?

And I think we should kinda be glad that the hack was used for a Bitcoin scam, and not for starting a war or crashing the global market.
gentlemand
Legendary
*
Offline Offline

Activity: 2590
Merit: 3015


Welt Am Draht


View Profile
August 02, 2020, 09:37:27 PM
 #11

And I think we should kinda be glad that the hack was used for a Bitcoin scam, and not for starting a war or crashing the global market.

It was pretty much the least harmful hack that could've happened. I hope it's a wake up call to platforms with this much influence. If moronic brats can do this then you need to get your shit together and fast.

As soon it was mentioned the address had previous they were clearly toast. Mind boggling stupidity on their part.
hatshepsut93
Legendary
*
Offline Offline

Activity: 3038
Merit: 2161


View Profile
August 02, 2020, 10:14:52 PM
Merited by malevolent (3)
 #12

And I think we should kinda be glad that the hack was used for a Bitcoin scam, and not for starting a war or crashing the global market.

It was pretty much the least harmful hack that could've happened. I hope it's a wake up call to platforms with this much influence. If moronic brats can do this then you need to get your shit together and fast.

As soon it was mentioned the address had previous they were clearly toast. Mind boggling stupidity on their part.

Like o_e_l_e_o pointed earlier, this isn't the first big security incident, and the fact that Twitter got away with it so easy would likely mean that it won't be a wake up call. If Trump's account got hacked and caused something horrible, or if there was some important info stolen from any of those account's DMs, then maybe it would have stirred some change.
cr1776
Legendary
*
Offline Offline

Activity: 4214
Merit: 1313


View Profile
August 03, 2020, 03:30:23 PM
Merited by o_e_l_e_o (2), malevolent (1)
 #13

I am worried that newbies hackers managed to do all of this, leaving tons of mistakes that leads to them.
True. When a careless 17 year old manages to break in to a huge tech company like Twitter, it goes to show just how lax their security practices are. We often see hacks and breaches of crypto companies being made a big deal of on this forum - Ledger's data breach, Binance's data breach, various exchanges and web wallets being hacked for funds, lists of email addresses from ICOs and airdrops being sold, and so on. What a lot of people forget is that such data breaches are commonplace throughout the entire internet, and that even massive tech companies often have terrible security. Google stored passwords in plain text for 14 years. 50 million Facebook accounts were compromised in 2018. Just today an unpatchable exploit to Apple's Secure Enclave has been revealed, meaning an attacker can potentially decrypt and steal all your information and data.

This is why it is so important that people take their privacy and security seriously.

Its all just to monetize their access to twitter, they could have just got away with it if they just continue to sell accounts than aiming for this giveaway scam thru those high profile accounts.
It seems Twitter only picked up on it after they flooded many famous accounts with their bitcoin scam. Given that, it could have been much worse. They could have read or sent private messages to and from world leaders, or tweeted as various CEOs. Remember how much TSLA stock fell when Musk tweeted he thought it was overpriced?

This is a nice point, it goes to show why distributed services like bitcoin (twister etc) should be preferred.  Instead of someone being able to "hack into Bitcoin Inc" they would need to hack into each individual's account.  Without a centralized point like Twitter, this becomes much harder - presuming no one finds P=NP and/or breaks PKE.

Everything should be handled using on-device encryption and not sent off whatever device is being used without being encrypted. 

One thing that concerns me about things like Solid is that they may be making the same error with regard to http and https (and others) again.  I haven't checked in about 6-9 months, but the pods are not encrypted on the device.



Lanatsa
Hero Member
*****
Offline Offline

Activity: 3010
Merit: 691



View Profile
August 13, 2020, 11:49:01 PM
 #14

-snip-
By their move, they even don't know that such a bitcoin mixer exists.
Sad part they know bitcoin mixers do exist and they already used it to mix ~half of their illegal money. But they aren't clever enough to avoid stupid mistakes like o_e_l_e_o said!
How come these scammers didnt able to realize on using up those all of those coins to be mixed first before sending it on an exchange? not literally in one go but they can do it on gradual phase.

Its just dumb that they make choice of Coinbase which is heavily centralized.Dont know on whats up to their minds or they have just realized on how stupid they are and letting their faces
uncovered.  Cheesy

R


▀▀▀▀▀▀▀██████▄▄
████████████████
▀▀▀▀█████▀▀▀█████
████████▌███▐████
▄▄▄▄█████▄▄▄█████
████████████████
▄▄▄▄▄▄▄██████▀▀
LLBIT|
4,000+ GAMES
███████████████████
██████████▀▄▀▀▀████
████████▀▄▀██░░░███
██████▀▄███▄▀█▄▄▄██
███▀▀▀▀▀▀█▀▀▀▀▀▀███
██░░░░░░░░█░░░░░░██
██▄░░░░░░░█░░░░░▄██
███▄░░░░▄█▄▄▄▄▄████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
█████████
▀████████
░░▀██████
░░░░▀████
░░░░░░███
▄░░░░░███
▀█▄▄▄████
░░▀▀█████
▀▀▀▀▀▀▀▀▀
█████████
░░░▀▀████
██▄▄▀░███
█░░█▄░░██
░████▀▀██
█░░█▀░░██
██▀▀▄░███
░░░▄▄████
▀▀▀▀▀▀▀▀▀
||.
|
▄▄████▄▄
▀█▀
▄▀▀▄▀█▀
▄░░▄█░██░█▄░░▄
█░▄█░▀█▄▄█▀░█▄░█
▀▄░███▄▄▄▄███░▄▀
▀▀█░░░▄▄▄▄░░░█▀▀
░░██████░░█
█░░░░▀▀░░░░█
▀▄▀▄▀▄▀▄▀▄
▄░█████▀▀█████░▄
▄███████░██░███████▄
▀▀██████▄▄██████▀▀
▀▀████████▀▀
.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
░▀▄░▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄░▄▀
███▀▄▀█████████████████▀▄▀
█████▀▄░▄▄▄▄▄███░▄▄▄▄▄▄▀
███████▀▄▀██████░█▄▄▄▄▄▄▄▄
█████████▀▄▄░███▄▄▄▄▄▄░▄▀
███████████░███████▀▄▀
███████████░██▀▄▄▄▄▀
███████████░▀▄▀
████████████▄▀
███████████
▄▄███████▄▄
▄████▀▀▀▀▀▀▀████▄
▄███▀▄▄███████▄▄▀███▄
▄██▀▄█▀▀▀█████▀▀▀█▄▀██▄
▄██▀▄███░░░▀████░███▄▀██▄
███░████░░░░░▀██░████░███
███░████░█▄░░░░▀░████░███
███░████░███▄░░░░████░███
▀██▄▀███░█████▄░░███▀▄██▀
▀██▄▀█▄▄▄██████▄██▀▄██▀
▀███▄▀▀███████▀▀▄███▀
▀████▄▄▄▄▄▄▄████▀
▀▀███████▀▀
OFFICIAL PARTNERSHIP
SOUTHAMPTON FC
FAZE CLAN
SSC NAPOLI
malevolent
can into space
Legendary
*
Offline Offline

Activity: 3472
Merit: 1724



View Profile
August 14, 2020, 11:50:18 PM
 #15

How come these scammers didnt able to realize on using up those all of those coins to be mixed first before sending it on an exchange? not literally in one go but they can do it on gradual phase.

They probably got too complacent/comfortable from not facing any consequences over other hacks/scams, otherwise they'd have been better prepared.

Signature space available for rent.
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18746


View Profile
August 15, 2020, 12:19:51 AM
 #16

How come these scammers didnt able to realize on using up those all of those coins to be mixed first before sending it on an exchange?
They didn't mix the coins, they used a centralized exchange they had completed KYC on, they used the same email addresses across multiple sites including exchange accounts, forum accounts, and hacked twitter accounts, they used the same usernames and aliases across multiple sites, they did nothing to hide their IPs and again connected to multiple sites from the same IPs, and so on. These weren't experienced hackers with some carefully planned attack - they were naive kids who found a weak point and jumped on the opportunity.

But yes, expecting any sort of privacy from a centralized exchange such as Coinbase was particularly naive.
dansus021
Copper Member
Legendary
*
Offline Offline

Activity: 2184
Merit: 1012


Part of AOBT - English Translator to Indonesia


View Profile WWW
August 26, 2020, 12:54:03 AM
 #17

Maybe the reason they are not hide their ip address and not mixing the coin beside newbie hacker they just tempted with the money they got.

But using centralized exchange with completed KYC is completely crazy Grin

They probably got too complacent/comfortable from not facing any consequences over other hacks/scams, otherwise they'd have been better prepared.

and this can be a reason too, maybe he hacked ppl at the comfort zone make some withdraw before FBI know about it

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits.
..........UNLEASH..........
THE ULTIMATE
GAMING EXPERIENCE
DUELBITS
FANTASY
SPORTS
████▄▄█████▄▄
░▄████
███████████▄
▐███
███████████████▄
███
████████████████
███
████████████████▌
███
██████████████████
████████████████▀▀▀
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
.
▬▬
VS
▬▬
████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
███████████████████
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
/// PLAY FOR  FREE  ///
WIN FOR REAL
..PLAY NOW..
Harlot
Hero Member
*****
Offline Offline

Activity: 1806
Merit: 672


View Profile
September 01, 2020, 12:23:33 PM
 #18

They aren't really smart by pulling this Twitter hack proven by them using the same email on creating various accounts counting Coinbase as well. The hack itself isn't their plan based on the stories I have seen someone leaked the vulnerability of Twitter and how easy they can hack multiple accounts from it and they probably just tried it out and see if it works from them. FBI with the help of IRS and their data made this  huntdown for them possible and if they really have used a Coinbase account to receive all of those crypto then there is a big chance that all of the stolen cryptocurrencies will be recovered by the authorities.
milewilda
Legendary
*
Offline Offline

Activity: 3290
Merit: 1156



View Profile
September 02, 2020, 09:48:05 PM
 #19

They aren't really smart by pulling this Twitter hack proven by them using the same email on creating various accounts counting Coinbase as well. The hack itself isn't their plan based on the stories I have seen someone leaked the vulnerability of Twitter and how easy they can hack multiple accounts from it and they probably just tried it out and see if it works from them. FBI with the help of IRS and their data made this  huntdown for them possible and if they really have used a Coinbase account to receive all of those crypto then there is a big chance that all of the stolen cryptocurrencies will be recovered by the authorities.
Didnt know if they do able to halt those transactions, if they were able been caught on that Coinbase halted transactions https://www.theverge.com/2020/7/20/21331499/coinbase-twitter-hack-elon-musk-bill-gates-joe-biden-bitcoin-scam then these cashouts havent able to pass through but as far as i know they had able to cash out and that what makes them being traced due they had a verified account used which is
totally dumb for a hacker to giving out an obvious path for the government to look for and now they've been caught with not soo much effort because the trail is just bright as daylight. lol

bbc.reporter
Legendary
*
Offline Offline

Activity: 3108
Merit: 1491



View Profile
September 03, 2020, 05:11:15 AM
 #20

The story continues. This time the new victim is India's prime minister hehehe. I was always skeptical of the official story that the sophisticated hack on Twitter was done by teenagers. I speculate that there is something the authorities are not telling the public.



Being one of the most powerful men in the world offers no immunity from the tricks and wits of scamsters. This was evidenced a few hours ago after Indian Prime Minister Narendra Modi’s Twitter account was hacked by “John Wick,” a few weeks after a wider attack was orchestrated against the likes of Binance, Coinbase, Joe Biden, Barack Obama, Warren Buffett, and Kanye West. The hacker in the present case “appealed” for donations to the “PM National Relief Fund for COVID-19″ in Bitcoin and Ethereum.

Source https://eng.ambcrypto.com/donate-bitcoin-ethereum-generously-says-indian-pms-hacked-twitter-a-c/

.
.DuelbitsSPORTS.
▄▄▄███████▄▄▄
▄▄█████████████████▄▄
▄██████████████████████▄
██████████████████████████
███████████████████████████
██████████████████████████████
██████████████████████████████
█████████████████████████████
███████████████████████████
█████████████████████████
▀████████████████████████
▀▀███████████████████
██████████████████████████████
██
██
██
██

██
██
██
██

██
██
██
████████▄▄▄▄██▄▄▄██
███▄█▀▄▄▀███▄█████
█████████████▀▀▀██
██▀ ▀██████████████████
███▄███████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
▀█████████████████████▀
▀▀███████████████▀▀
▀▀▀▀█▀▀▀▀
OFFICIAL EUROPEAN
BETTING PARTNER OF
ASTON VILLA FC
██
██
██
██

██
██
██
██

██
██
██
10%   CASHBACK   
          100%   MULTICHARGER   
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!