Hackers use Jack Dorsey's Twitter account to send racist tweets
Jack Dorsey's Twitter account was hacked yesterday, and the hackers -- going by the name of the Chuckle Gang -- proceeded to send racist tweets and made reference to a bomb at Twitter headquarters.
The account of the Twitter CEO was back under control relatively quickly, and the tweets sent out by the hackers were deleted. Twitter has said that its security systems were not compromised in the attack, instead blaming the account hijacking on a "security oversight" by a mobile provider which enabled hackers to take control of a mobile number associated with Dorsey's account.
- Hate the new-look Twitter? Here's how to get the old version back
- Scotland Yard Twitter account and website hacked
- Twitter redesign rolls out on the web
Among the tweets sent out by the hackers were pro-Hitler messages and a series of racist comments. The tweets were sent out via Cloudhopper, a mobile service acquired by Twitter almost a decade ago. Security researcher Brian Krebs said that it appeared that Dorsey had fallen victim to a SIM swapping attack, going on to explain:
For those asking what SIM swapping is, it's when someone tricks or bribes someone at a mobile phone provider/store into transferring your cell service to a new SIM card/device they control. Allows interception of text messages, phone calls used for two-factor authentication.
— briankrebs (@briankrebs) August 30, 2019
Tweeting about the incident, Twitter said in a series of messages:
We're aware that @jack was compromised and investigating what happened.
— Twitter Comms (@TwitterComms) August 30, 2019
The phone number associated with the account was compromised due to a security oversight by the mobile provider. This allowed an unauthorized person to compose and send tweets via text message from the phone number. That issue is now resolved.
— Twitter Comms (@TwitterComms) August 31, 2019