1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Big Twitter commandeered

Discussion in 'Twitter' started by rawaccess, Oct 15, 2016.

  1. rawaccess

    rawaccess Regular Member

    Joined:
    Dec 5, 2008
    Messages:
    239
    Likes Received:
    14
    I have (had) a Twitter. It is in the millions, verified and a trademarked brand name.

    Someone in Russia just southwest of Moscow has locked me out and posts porn to this account. Somehow, there is an association with Hyperballad, India, but I am unclear how.

    I contacted Twitter support 8 hours for "Hacked Account" but have yet to receive a response. I provided IP's and other info to prove my identity.

    It's interesting how rapidly the commandeerer restores the email, phone and password after I began making attempts to revert the info (still had mobile access before that session expired). Four times in a row the other agent prevented me from restoring the account by altering the info as I was doing it. Could there be an automated script doing this?

    Phone verification was enabled yet the agent was still able to access the account. Further, I revoked all but two "apps."

    Questions:

    Is there such an automated script that auto changes logins as an account is being restored?

    How is account access obtained that circumnavigates the phone text verification?

    Which leads to: Since phone verification does not prevent an account from being commandeered, then how can I prevent this from happening in the future assuming Twitter reverts access back to me?

    If Twitter ignores the support ticket, do you think I could file a DMCA and copyright infringement request to regain control?

    Thanks
     
  2. HoNeYBiRD

    HoNeYBiRD Jr. VIP Jr. VIP

    Joined:
    May 1, 2009
    Messages:
    7,507
    Likes Received:
    8,436
    Gender:
    Male
    Occupation:
    Geographer, Tourism Manager
    Location:
    Ghosted
    I guess all of that is possible for a hacker.

    Nowadays hackers get passwords either by social engineering/guessing or with using a keylogger, brute forcing is pretty rare. You can prevent guessing, if you get a password, which cannot be guessed easily. You can prevent keylogging by having an appropriate AV/firewall and a key scrambler app, at least for the most part. However if you're already infected with a keylogger, it's better, if you just use a different device (which is not on the same network) to change the account password, when Twitter gets back to you. Maybe your whole network is infected and they can access everything, not just your Twitter account, but your emails, phone, everything. At least i don't really see any other explanation how would they be able to lock you out, when you have the login SMS verification enabled.

    It would be a great idea to run a full system scan with Malwarebytes and Hitman Pro and see if those find anything or not.

    If Twitter doesn't respond (i think they will), you're pretty much out of luck, it's only them who can give the account back to you or a hacker you hired, but we don't talk about such things here. :)
     
  3. rawaccess

    rawaccess Regular Member

    Joined:
    Dec 5, 2008
    Messages:
    239
    Likes Received:
    14
    Thank you, sir.

    I concur with your postulation that my system may be compromised. I too cannot offer any other explanation as to why phone verification failed.
     
  4. rawaccess

    rawaccess Regular Member

    Joined:
    Dec 5, 2008
    Messages:
    239
    Likes Received:
    14
    No word from Twitter support.

    Lost over 2 million followers in 4 hours. Why this is happening is unknown. I do not know of a tool that can force unfollows. This would, however, be an effective preventitive measure on Twitter's behalf to avoid users being subjected to porn links tweeted by this compromised account.

    The machine I've been using during this time is clean.
     
  5. rawaccess

    rawaccess Regular Member

    Joined:
    Dec 5, 2008
    Messages:
    239
    Likes Received:
    14
    Over 3 days no reply from Twitter support. They probably get blasted with requests.

    Just filed a trademark infringement report with Twitter. Let's see if this works.

    All the followers were restored. Odd that after the account was commandeered the follower list dropped to .01% then was restored in a matter of 8 hours. Must be an automated system Twitter has in place.
     
  6. rawaccess

    rawaccess Regular Member

    Joined:
    Dec 5, 2008
    Messages:
    239
    Likes Received:
    14
    Account returned to me Monday via Twitter support. Everything is normal. So far, so good.