back to article Who was behind that stunning Twitter hack? State spies? Probably this Florida kid, say US prosecutors

Three individuals were charged on Friday for allegedly hijacking a string of high-profile Twitter accounts after hoodwinking the social network's staff. It is claimed a social-engineering-driven phishing campaign against Twitter employees led to hacking spreethe brief takeover on July 15 of 45 out of 130 targeted prominent …

  1. Marketing Hack Silver badge
    Stop

    "The Twitter VIP hack undermines public confidence in those information platforms."

    My lack of confidence in Twitter is based on the fact that A) Its is a cesspool of ranting, one-upsmanship, vanity and attempted or actual cancellation of people, their social lives and careers without any kind of due process and B) SOME people get banned for saying unsubstantiated or opinionated things, but others who do the same thing get more followers and virtual back-pats. That people can hack Twitter accounts and post crazy or mercenary stuff was already so prevalent that the first thing a lot of people whose accounts do post crazy stuff on Twitter claim is that it only happened because their account was hacked.

    Twitter's main purpose is to provide an ongoing morality tale, ala the 1950s scifi classic "Forbidden Planet", about the dangers of giving members of society the ability to project their internal ids into the broader world.

    1. Joe W Silver badge

      Re: "The Twitter VIP hack undermines public confidence in those information platforms."

      From the article (I think it was the AG...) "Increasingly we rely on platforms like Twitter to receive news and other information that is important to our lives,"

      This is a level of stupidity reached in mankind. Redo from start?

      1. Anonymous Coward
        Anonymous Coward

        Re: "The Twitter VIP hack undermines public confidence in those information platforms."

        Really big asteroid? Multiple volcanic eruptions? Remove warning labels from all appliances?

        1. sev.monster

          Re: "The Twitter VIP hack undermines public confidence in those information platforms."

          The only reason warning labels exist on consumer products is because people were stupid enough to do exactly what it now says not to, no matter how obvious, common sense, or self-evident.

          1. Anonymous Coward
            Anonymous Coward

            Re: "The Twitter VIP hack undermines public confidence in those information platforms."

            O'really? And I though it was to try and protect the company from being sued. Oh well, you learn something new every day.

            1. sev.monster
              Happy

              Re: "The Twitter VIP hack undermines public confidence in those information platforms."

              Well, yes, if the stupid person lived after doing their stupid thing, they probably tried to sue the company for it. I'm sure there's some correlation.

              1. handle handle

                Re: "The Twitter VIP hack undermines public confidence in those information platforms."

                ... and even if they died, the family would sue.

    2. Anonymous Coward
      Anonymous Coward

      Re: "The Twitter VIP hack undermines public confidence in those information platforms."

      the 1950s scifi classic "Forbidden Planet"

      Which is itself based on Shakespeare's "The Tempest".

      1. Marketing Hack Silver badge

        Re: "The Twitter VIP hack undermines public confidence in those information platforms."

        Forbidden Planet is an extremely loose adaptation of The Tempest though.

    3. Anonymous Coward
      Anonymous Coward

      Re: "The Twitter VIP hack undermines public confidence in those information platforms."

      Your lack of confidence in Twitter (and mine, and many other commentards' here), while grounded in sound observations is (sadly) meaningless, as 99.9% of humanity think, for one reason or another, that twitter is greatest thing on earth since facebook.

      1. Withdrawn

        Re: "The Twitter VIP hack undermines public confidence in those information platforms."

        "99.9% of humanity think ... that twitter is the greatest thing on earth since facebook."

        Which is ridiculous considering how the large majority of tweets are made by surprisingly small segment of the overall population. To be honest I don't know why anyone takes twitter so seriously.

        https://www.pewresearch.org/internet/2019/04/24/sizing-up-twitter-users/

    4. Blackjack Silver badge

      Re: "The Twitter VIP hack undermines public confidence in those information platforms."

      I tried to think what actual use Twitter has that cannot be replaced by something else and I couldn't find anything.

  2. Anonymous Coward
    Anonymous Coward

    Twitter

    Full of twats

    1. Kabukiwookie Silver badge

      Re: Twitter

      So... Twatter it is then...

  3. redpawn Silver badge

    17-year-old "mastermind"

    We are just lucky that he didn't wait until he was 18. Think of the trouble an adult mind could have wreaked on Twitter.

  4. A random security guy Bronze badge

    Hoping they would shut down Twitter

    I was just hoping they would shut down Twitter for a few months to redo their security. One can hope, right?

    1. Anonymous Coward
      Anonymous Coward

      Re: Hoping they would shut down Twitter

      It would make the election much better.

  5. Anonymous Coward
    Anonymous Coward

    I'm gonna go out on a limb here....

    ... and say that macros were abused on Microsoft Office documents to gain creds.

    (Because it's always the macros)

    Also, Brian Krebs of "Krebs on security" pretty much called this one to a tee!

    1. sev.monster

      Re: I'm gonna go out on a limb here....

      Very rarely is docm actually successful nowadays, it's usually "encrypted/protected documents/PDFs" that ask you to sign in. Likely for the ol' Twit they probably sent out fake account alerts that sent to a fake login page.

  6. Claverhouse Silver badge

    More and More the Soviet Union Every Day

    Anderson announced the charges, in conjunction with federal officials from the FBI, the Secret Service, the IRS, and the UK's National Crime Agency.

    "There is a false belief within the criminal hacker community that attacks like the Twitter hack can be perpetrated anonymously and without consequence,” he said in a statement. "Today's charging announcement demonstrates that the elation of nefarious hacking into a secure environment for fun or profit will be short-lived."

    Grinding pomposities such as this sound better when not from some parochial local petty official: 'US Attorney for the Northern District of California' has all the dignitas of 'Chief Spokesperson, Milton Keynes Trading Standards'.

    Particularly if you start with demented nonsense such as: "Increasingly we rely on platforms like Twitter to receive news and other information that is important to our lives,"

    Not in the slightest.

    .

    And 'Wire Fraud' is always bogus bollocks anyway, tacked on to plump up alleged crime and add penalties.

    .

    The minor defendant is being prosecuted as an adult, the Hillsborough County State Attorney's Office said, "because Florida law allows minors to be charged as adults in financial fraud cases such as this when appropriate."

    Of course he is. Why permit legal protections for different classes of persons if they get in the way of a conviction ? Plus of course, if a 15 yr-old mugs someone and beats them up he will be charged as a child; if he commits Financial Fraud --- the very worst kind of fraud there is --- he will be charged as an adult. Almost as if the American God is Money.

    But it was a funny prank, and if the targets hadn't been beloved Liberal Legends then we would have had a Hollywood Caper movie to look forward to starring Mr. Hanks, Mr. Clooney and up and coming whatevers, with dedicated young beautiful FBI agents and Justice officials tracking the miscreants down.

    A cross between War Games and Ocean's Eleven.

    1. SW10
      Stop

      Spoiler

      I’ve seen the movie

      The kid makes a plea bargain and becomes a renowned security consultant, planting his feet on a succession of boardroom tables around the world. One day he realised he may have met his match as a series of sophisticated attacks overwhelm his clients.

      Now desperate, he agrees to meet his new nemesis. Imagine his surprise as he finds himself face to face with (foreign, of course) femme fatale. After a few awkward meetings, they realise that love conquers all and they jointly turn against the evil state sponsoring her attacks

      Then they all lived happily ever after

    2. Anonymous Coward
      Anonymous Coward

      Re: More and More the Soviet Union Every Day

      If he's committed an adult crime (i.e. sophisticated financial fraud, not just nicked a car) then he has shown that he should be treated as an adult. Age has little to do with it.

      1. Roland6 Silver badge

        Re: More and More the Soviet Union Every Day

        >sophisticated financial fraud...

        I think it depends on your definition of "sophisticated", given we are talking about people who get their news from Twitter, the bar is very low.

        There is nothing I've seen from the article to suggest the financial fraud was anything other than basic scamming.

        1. Anonymous Coward
          Anonymous Coward

          Re: More and More the Soviet Union Every Day

          The sophisticated criminals aren't caught.

      2. Claverhouse Silver badge

        Re: More and More the Soviet Union Every Day

        If he's committed an adult crime (i.e. sophisticated financial fraud, not just nicked a car) then he has shown that he should be treated as an adult. Age has little to do with it.

        V. I. Lenin agreed with you; and implemented this for those over the age of 11.

    3. T. F. M. Reader

      Re: More and More the Soviet Union Every Day

      Particularly if you start with demented nonsense such as: "Increasingly we rely on platforms like Twitter to receive news and other information that is important to our lives,"

      Not in the slightest.

      You might want to rethink that. You may not rely on Twitter for news directly, but I am increasingly under the impression that mainstream and every other news source does. To the point where the bulk of many news articles consists of screenshots of tweets and a staggering proportion of news items is rooted in someone tweeting something, which becomes news in and of itself.

      I certainly agree it is demented nonsense, but it also seems to have become demented reality. Disturbingly, it makes the above quote factually correct...

  7. cb7

    Twitter is for twits. It certainly seems that way since a certain orange person started spewing his verbal diarrhoea through it.

    That said there are a few intelligent people using it still. So the lunatics haven't completely taken over yet.

    1. Sanctimonious Prick
      Happy

      @cb7

      Excuse me.

      My fave news sites always have something on their front page every day from twi77er about something so seriously stupid that it makes my day (The Orange One, included).

      Let The Orange One use twi77er, please, and all the other famous knobs, too... coz, like, news sites wouldn't exist without it and them.

      I know that sucks... just... just laugh at it.

      The Orange One is banning tiktok!! Hahaha!!! It's going to be interesting to see how this pans out. Force the Chinese to sell it to Microsoft? LOL!!!!!

  8. Mr Dogshit

    "A recent Twitter hack probably didn’t scare you. Here’s why it should."

    I thought this was a good read:

    https://www.theatlantic.com/technology/archive/2020/07/twitter-hack-decentralized-internet/614593/

    1. Doctor Syntax Silver badge

      Re: "A recent Twitter hack probably didn’t scare you. Here’s why it should."

      Ah diddums. An Atlantic journalist, self describes as a member of Twitter's "obsessive elite", got locked out of his account and now the sky is falling - at least that seemed to be where he was heading when I baled out of his rant.

      1. Jonathan Richards 1

        Re: "A recent Twitter hack probably didn’t scare you. Here’s why it should."

        >I baled out of his rant

        I stayed with the 'plane after you took the only parachute, you demon. In fact, Mr Bogost, the journalist, only self-describes as a twitter obsessive to establish his standing. His point, in a nutshell, is that the original (as in ARPANet) USP for an internetwork which will survive bits of it being melted (packet switching, OSPF and all that), is compromised or made irrelevant when the things being linked together are massive monopolies with fragile security. This was not quite so in the early days of weB LOGging, when people used their own web sites to log their (possibly vacuous) news, thoughts and opinions.

  9. herman Silver badge
    Devil

    Not Russians and Norks?

    This is impossible, it has to be a state actor - Russia, Nork...

  10. Forget It
    Coffee/keyboard

    Edward Lear:

    On a little piece of wood,

    Mr. Spikky Sparrow stood;

    Mrs. Sparrow sate close by,

    A-making of an insect pie,

    For her little children five,

    In the nest and all alive,

    Singing with a cheerful smile

    To amuse them all the while,

    Twikky wikky wikky wee,

    Wikky bikky twikky tee,

    Spikky bikky bee!

  11. YetAnotherJoeBlow
    Trollface

    Overheard at Twitter...

    "Damn, we cannot hire FireEye Securty and pay them to announce to world + Dog that this hack was done by State Actors and that nobody could have defended against those nation/state actors."

  12. Velv Silver badge
    Flame

    Extradition

    When America come knocking with an extradition request for Mason Sheppard, I do hope the UK Government says no.

    Extradition goes both ways, Anne Sacoolas is now on an Interpol Red Notice for the death of Harry Dunn, and yet the US refuses to extradite. Diplomatic Immunity is about preventing frivolous allegations against diplomats, it is not a licence to commit crimes. The evidence exists for the CPS to proceed with a trial, the US has been given that evidence in an extradition request, they have actively decided not to comply. I think most people would agree the death of Mr Dunn is significantly more serious than the hack against Twitter.

    1. osakajin Bronze badge

      Re: Extradition

      Ah yes the special relationship...

    2. Anonymous Coward
      Gimp

      Re: Extradition

      Velv> When America come knocking with an extradition request for Mason Sheppard, I do hope the UK Government says no.

      Ha ha ha. I think you have totally misunderstood the UK's position/standing in the "special relationship" and how the US-UK extradition treaty is worded.

      Got valid US warrant? Must extradite.

      1. Anonymous Coward
        Anonymous Coward

        Re: Extradition

        >Ha ha ha. I think you have totally misunderstood the UK's position/standing in the "special relationship" and how the US-UK extradition treaty is worded.

        Yes, we know how many spineless occupiers of No 10 there have been, including the current one.

        >Got valid US warrant? Must extradite.

        Valid to the UK courts...

        > was charged with conspiracy to commit wire fraud, conspiracy to commit money laundering, and the intentional access of a protected computer.

        >Conspiracy to commit wire fraud: just a heresay catch all, will need some hard evidence for a UK court.

        >conspiracy to commit money laundering - not seen evidence of money laundering, yes, evidence of obtaining monies by deception - but that's not money laundering...

        >the intentional access of a protected computer - Well no crime here, you access Twitter, you are intentionally accessing a protected computer.

        Looks like this could be another one where the UK courts tell the US to redo their homework...

        1. Anonymous Coward
          Anonymous Coward

          Re: Extradition

          No evidence needs be presented to a UK court. Just a valid US issued warrant.

          It's all about help the US get quick justice. Not vice-versa.

  13. beep54
    FAIL

    Twitter

    Why the f would anyone think this was in any way, shape or form of secure. [see also Facebook, etc.]

  14. earl grey Silver badge
    Flame

    time for chokey

    until he's too old to remember what twatter was.

    1. Anonymous Coward
      Anonymous Coward

      Re: time for chokey

      earl grey,

      " time for chokey

      until he's too old to remember what twatter was."

      Nope !!!

      Here's why ......

      1. There are more important things than Twitter to deal with !!! *

      2. By now Twitter and other Social Networking platforms have been abused and hacked so many times you are an idiot if you put your life on it and expect privacy of any kind.

      3. See 1.

      4. Locking up a kid for many years achieves nothing useful ...... certainly will not stop future hacks etc

      5. BTW remember 1.

      * Coronavirus COVID worldwide epidemic, mad man in the Whitehouse, another mad man in the Kremlin, China flexing its muscles with little *real* pushback by the 2 mad men, Global economic pain due to the 'COVID' thing, people in general not realising COVID is still there with 'No Cure Yet !!!!, lots of people dead due to COVID and many more to come in the 3rd world (yes ... it is not just the US of A ) & so on ad nauseam.

  15. mickaroo

    No, I actually read the news...

    >> "Increasingly we rely on platforms like Twitter to receive news and other information... "

    No, I actually read the news. As depressing as that may be.

    1. Anonymous Coward
      Anonymous Coward

      Re: No, I actually read the news...

      I read the news on Twitter.

      Basically if you can filter out all of the Cruft, you can find all sorts of news stories that the overlords of the Mainstream Media don't want you to know about.

      1. Jonathan Richards 1
        Meh

        Re: No, I actually read the news...

        > if you can filter out all of the cruft

        Ahh, and how good is your cruft filter, grasshopper?

  16. cjcox

    Disappointed.

    Hacking in 2020 is posing as an IT admin to get administrators to give you their credentials.

    Here's some "recent" news... if somebody asks you for your password, say "no".

    (unless "no" IS your password, then say something else)

    1. Jonathan Richards 1
      Alert

      Re: Disappointed.

      > Hacking in 2020

      To be fair, it's been the simplest way to defeat security since forever. Break open the clay tablet, borrow and copy the key, gift the city with a really cool horse, bribe the portcullis guard, blackmail the bank manager, email spoof the security admin, rubber-hose decrypt the bitcoin wallet.

  17. 080

    I'M confused

    So the story seems to be that Twitter, a large web based company, who employ probably, hundreds of security staff and software engineers have been hacked by three or four teenagers, presumably with no formal education in computer security.

    This company seems to make money by offering a service to allow some of it's users to annoy the rest of it's users, who must like being annoyed or otherwise they would not use the service.

    The security services of the US and UK are now busy basking in the glory of managing to trace these kids.

    WTF

    Why haven't we offered these kids jobs in counter espionage?

    1. Roland6 Silver badge

      Re: I'M confused

      Problem is it's the US. Security is all talk and posture and no action and has been like this for decades.

      You only need to look at previous 'hacking' cases involving teenagers to see that they hacked supposedly security US military systems, which weren't actually secure; teenagers prosecuted, no change to system security, so systems ready for the next bunch of teenage hackers - its almost like the US's idea of security is to use their production systems as honeypots...

      You'll only start to see change when another western leader publicly laughs at the US and dismisses these types of cases. However, can't see the current UK government having the balls to do anything other than meekly comply.

    2. Anonymous Coward
      Anonymous Coward

      Re: I'M confused

      > Why haven't we offered these kids jobs in counter espionage

      They got caught.

  18. Nifty Bronze badge

    Doing society a service

    Issuing Bitcoin fines to Twitter users for exceeding the gullibility speed limit.

  19. captain semtex
    Childcatcher

    Am I the only one...

    ...that is wondering what social engineering tactics the kids used to get the info needed to gain access to such high profile accounts? I'm sure it would make for entertaining (and embarrassing) reading.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020