After the scandal over the hacking of high-profile accounts in the United States such as Barack Obama, Bill Gates, Jeff Bezos or Elon Musk, Twitter opened an investigation to understand exactly what happened. And some clues point to what was a young man of 21 years that he had already hacked the founder of the company, Jack Dorsey, last year: his name is Joseph James Connor and the key would be that he managed disable two-step verification of compromised accounts.
The information comes from the computer security researcher Brian Krebs, which has a site where it publishes news related to the tech world.
And although there is nothing official and Twitter is investigating the attack, there are strong indications that the attack was perpetrated by specialists in hijack social media accounts via SIM card exchange. What happened to Jack Dorsey in 2019.
Krebs pointed out this Thursday to a user who uses the name “PlugWalkJoe“who, according to his sources, is a 21-year-old from Liverpool in the United Kingdom named Joseph James Connor, who currently lives in Spain.
The speculation is that he did not act on his own, as Connor is linked to a group of hackers known as ChucklingSquad. And it’s the team that appears as the one that hacked Jack Dorsey’s Twitter account last year.
Bill Gates, Joe Biden, Elon Musk and t Jeff Bezos: 4 of the hacked personalities. (AFP)
According to Krebs, Connor would have managed to deactivate the two-step verification that accounts usually have today: that is, once a password has been entered, an authorization request is sent to the personal telephone number, which, if not accepted, does not allow access. to the system or service that you want to access.
There is one thing that is striking: although the move went well from the economic point of view, since it is estimated that they managed to undermine about $ 121,000 in bitcoin payments, recovering that money is difficult: it is fully traceable. If they want to withdraw the money, they will have to think of some kind of strategy to bypass the detection systems.
Not much more is known about Connor, outside the group to which he is linked.
The problem is not over yet: they could relapse
Although the hack was already stopped, the main stumbling block Twitter is currently dealing with is that it could happen again, since hackers could have more credentials stolen.
Moving, as confirmed by Twitter were 130 total accounts hackeds. It is by far the largest security incident in the platform’s history.
The hack caused certain verified accounts to display a message urging followers to click on the attached link and make a donation in bitcoins.
“We believe that approximately 130 accounts were attacked as part of the incident. For a small subset of these accounts, the attackers were able to gain control of the accounts and then send tweets from them“explained Twitter through his official account on the social network.
The company even limited access to internal system tools to employees themselves:
The company limited the functions of multiple accounts, as well as all verified accounts, even those that did not appear to have been compromised.
In addition, the affected accounts were blocked and access to their owners was restored.
In the meantime, even the FBI got involved in the investigation to find those responsible for the hack“We are aware of today’s security incident involving several Twitter accounts belonging to high-profile people. The accounts appear to have been compromised to perpetuate cryptocurrency fraud,” they explained.
According to estimates by cybersecurity company Kaspersky, “in just two hours”, at least 367 users transferred around $ 121,000 to attackers.