Author

Topic: [SCAmWATCH] NFL Jason Verrett Twitter Hacked; Promoting Elon Musk Scam Site (Read 132 times)

sr. member
Activity: 1624
Merit: 315
Leading Crypto Sports Betting & Casino Platform
It seems that the social attack is what makes many people have their account hacked, but this does not explain the question and the persistence of attackers obtaining a lot of verified Twitter accounts that are used in scam.

One of the problems with Twitter is that verifying accounts has become easy. I know many people whose accounts have been verified and they are directors of institutions or public joint-stock companies and they have only a few thousand followers.
The reason for the persistence of attackers is the effectiveness of the first step which social engineering towards the people that they are targeting and when it is compromised, they sell those accounts depending on the status of the person that owns the account in this case Jason Verrett. I think the verified status doesn't really mean a lot besides being able to distinguish your account from other possible poser accounts.
legendary
Activity: 3094
Merit: 1472
It seems that the social attack is what makes many people have their account hacked, but this does not explain the question and the persistence of attackers obtaining a lot of verified Twitter accounts that are used in scam.

One of the problems with Twitter is that verifying accounts has become easy. I know many people whose accounts have been verified and they are directors of institutions or public joint-stock companies and they have only a few thousand followers.

Don't you think that the main problem is that people fall for this too easily. I know that there are many loopholes in such platforms but people should also think twice before falling for this. This type of hacking will continue on and there would be always a type of trap laid out there. But well people will always fall for this as they think they are getting money too easily. They don't care if they throw a penny for that as they are promised to get some unreal return.

There are also some celebrities who actually had tweeted about scam and people have blindly invested in such.
staff
Activity: 1316
Merit: 1610
The Naija & BSFL Sherrif 📛
One of the problems with Twitter is that verifying accounts has become easy. I know many people whose accounts have been verified and they are directors of institutions or public joint-stock companies and they have only a few thousand followers.
The process was paused a few years ago, I wonder how people are getting verified, I have two pals on Twitter with less than 2k followers with a verified badge. I asked but they won't say it though. I thing they found a way to manipulate the system.

We're working on a new authentication and verification program. In the meantime, we are not accepting any public submissions for verification and have introduced new guidelines for the program. We are conducting an initial review of verified accounts and will remove verification from accounts whose behavior does not fall within these new guidelines. We will continue to review and take action as we work towards a new program we are proud of.
legendary
Activity: 2702
Merit: 4002
Quote
A researcher who worked with the FBI on the investigation into the Twitter breach said that the hack was the result of painstaking research Clark and the other two hackers did into Twitter employees. They started by scraping LinkedIn in search of Twitter employees who were likely to have access to account-holder tools. The hackers then used features LinkedIn makes available to job recruiters to obtain the employees’ cell phone numbers and other private contact information.
It seems that the social attack is what makes many people have their account hacked, but this does not explain the question and the persistence of attackers obtaining a lot of verified Twitter accounts that are used in scam.

One of the problems with Twitter is that verifying accounts has become easy. I know many people whose accounts have been verified and they are directors of institutions or public joint-stock companies and they have only a few thousand followers.
legendary
Activity: 3094
Merit: 1472
Here is the news about culprit who hacked twitter last year: https://www.theguardian.com/technology/2021/mar/16/florida-teen-sentenced-twitter-bitcoin-hack

He is now behind bars for 3 years. Lucky for him as in court it was proven that he was teenager. It's gonna be same for that guy as well^.

Here is how Graham Clark did this:

Quote
A researcher who worked with the FBI on the investigation into the Twitter breach said that the hack was the result of painstaking research Clark and the other two hackers did into Twitter employees. They started by scraping LinkedIn in search of Twitter employees who were likely to have access to account-holder tools. The hackers then used features LinkedIn makes available to job recruiters to obtain the employees’ cell phone numbers and other private contact information.

The attackers called the employees and used the information obtained from LinkedIn and other public sources to convince them they were authorized Twitter personnel. Work-at-home arrangements caused by the COVID-19 pandemic also prevented the employees from using normal procedures such as face-to-face contact to verify the identities of the callers.

With the trust of the targeted employees, the attackers directed them to a phishing page that mimicked an internal Twitter VPN. The attackers then obtained credentials as the targeted employees entered them. To bypass two-factor authentication protections Twitter has in place, the attackers entered the credentials into the real Twitter VPN portal within seconds of the employees entering their info into the fake one. Once the employee entered the one-time password, the attackers were in.

The hackers then took over celebrity accounts and used them to push a cryptocurrency scam.

“I am giving back to the community,” an account belonging to Biden soon tweeted. “All Bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000. Only doing this for 30 minutes... Enjoy!”

Similar tweets came from other celebrity accounts.




(Source: https://arstechnica.com/tech-policy/2021/03/i-was-a-teenage-twitter-hacker-graham-ivan-clark-gets-3-year-sentence.)
staff
Activity: 1316
Merit: 1610
The Naija & BSFL Sherrif 📛
There are bad assh scammers out there who specializes in phishing attack and data collection after which they sell it off to hackers. Most of the time the insiders are responsible for data breach.
I can't understand how easy it has become these days for scammers to hack verified accounts of prominent people on Twitter

What really surprised me in the past (2020) was when one celebrity 2fa-enabled Twitter account was hacked, it was protected by another layer of protection which is 2fa but yet hacked.
This attack was done by someone from inside, I've never seen anyone bypass 2fa
legendary
Activity: 1624
Merit: 1200
Gamble responsibly
I can't understand how easy it has become these days for scammers to hack verified accounts of prominent people on Twitter, to either promote one form of giveaway scam or the other. Elon Musk has cut a popular figure in the crypto world of late, endorsing Bitcoin and being quite vocal about a few other coins, thus it's only normal that his name be used by scammers, to create fake giveaway sites and threads.
What really surprised me in the past (2020) was when one celebrity 2fa-enabled Twitter account was hacked, it was protected by another layer of protection which is 2fa but yet hacked, if such can happen, we need to be very careful online. But what thing about such giveaway is that victims will be told to pay certain amount and get double or more of the amount paid which is a lie, giveaway should not request for anything, if requesting, it should not be done by anyone for not to become victim.
legendary
Activity: 2184
Merit: 1302
I can't understand how easy it has become these days for scammers to hack verified accounts of prominent people on Twitter, to either promote one form of giveaway scam or the other. Elon Musk has cut a popular figure in the crypto world of late, endorsing Bitcoin and being quite vocal about a few other coins, thus it's only normal that his name be used by scammers, to create fake giveaway sites and threads.
Those of you who are so addicted to the words from your favourite celebrities sometimes I feel sorry for you. Grin
Words or tweets from celebrities could matter to you, except in things that have to do with your money/funds or investments, when it comes to those, "do not trust, but always verify", and imo, by now everyone should know Bitcoin giveaways do not exist.
staff
Activity: 1316
Merit: 1610
The Naija & BSFL Sherrif 📛
NFL super star Jason Verrett Twitter page  is the last place you wanna be right now, the account is hacked for 2 days now promoting Elon Musk scam giveaway site. Those on Twitter you need to be careful I think the rise in bitcoin price has brought hackers back to twitter once again after the worse nightmares last year.



Twitter profile
Code:
https://Twitter.com/Jfeeva_2

Fake giveaway site
Code:
www.Musk-gain.com

Those of you who are so addicted to the words from your favourite celebrities sometimes I feel sorry for you. Grin
Jump to: