Article 4PA7H How did Twitter CEO Jack Dorsey's account get hacked?

How did Twitter CEO Jack Dorsey's account get hacked?

by
Xeni Jardin
from on (#4PA7H)

Oops.

Twitter CEO Jack Dorsey's Twitter account got hacked.

You can see the name of the group claiming credit.

A Twitter spox confirmed that what we were all seeing was what we presumed.

Yes, Jack's account was compromised. We're working on it and investigating what happened.

- Brandon Borrman (@bborrman) August 30, 2019

A few more screengrabs below. This went on for quite a while, and much N-word was spewed.

Screen-Shot-2019-08-30-at-1.51.42-PM.png

Screen-Shot-2019-08-30-at-1.51.03-PM.png

Some concerns and grim lulz below, from those of us who observed in horror.

Prevailing theory, not confirmed at the time of this blog post on Friday afternoon, is that the hacked @jack tweets were posted using Cloudhopper, a tool for for posting tweets by SMS (phone texting). It's possible the hackers who were tweeting from the account got access by spoofing the number linked to his Cloudhopper account to send tweets from his mobile phone.

Just imagine the head of Twitter's security team right now, on seven different kinds of mushrooms, nude, in a giant bamboo steampunk rocketship called the Love Temple, ignoring his push notifications

- Tom Gara (@tomgara) August 30, 2019

In human English:@Jack's hackers had a Discord server (like a Slack for teenz). They linked to it from Jack's hacked account.

Discord, the company, killed the hackers' Discord just now.

Jack's account remains compromised and tweeting racial slurs.

- Ben Collins (@oneunderscore__) August 30, 2019

We've always known that 45 could be hacked #onhere and now it's confirmed this can easily happen.

- #DilettanteInChief (@prisonculture) August 30, 2019

Someone found out the number Jack Dorsey linked to twitter for SMS and used that to post. "Cloudhopper" is how SMS posts show up because Twitter doesn't give a shit about anything.

Another great reason to treat your personal phone number like your password and use Google Voice.

- EJ Fox 1f31e.png (@mrejfox) August 30, 2019

Can't wait until Twitter forcefully responds to this latest security embarrassment by floating the idea of a clover-shaped Like button or something

- James Poniewozik (@poniewozik) August 30, 2019

All of this doesn't make me feel great for when Trump's Twitter account is inevitably hacked and it starts World War III. Quite literally.

- M.G. Siegler (@mgsiegler) August 30, 2019

I mean, at least there's only 411 people who took this offer up? pic.twitter.com/vdB4NHDT42

- Mike Madden (@MikeMadden) August 30, 2019

Looks like Discord nuked the server of @jack's hacker before Twitter got Jack's account back.

- Ben Collins (@oneunderscore__) August 30, 2019

i find this pretty worrisome tbh

- darth2122.png (@darth) August 30, 2019

Hacked @jack tweets were posted using Cloudhopper, which is for posting tweets via SMS. So best guess - hackers were able to spoof number linked to his account to send tweets?

- James Titcomb (@jamestitcomb) August 30, 2019

External Content
Source RSS or Atom Feed
Feed Location https://boingboing.net/feed
Feed Title
Feed Link https://boingboing.net/
Reply 0 comments