A recent attack on Twitter was a group of young people from the United States and the United Kingdom who communicated with each other on the Discord messenger and was led by someone with the nickname Kirk, who claimed to be working on the social network itself and has internal access to user accounts, writes the New York Times with a link to the hackers who participated in the hacking and the screenshots they provided to the publication of the correspondence in the messenger.
According to NYT, they managed to contact four participants in the hack, among them – users under the nicknames Lol and Ever so anxious. The Times was initially put in touch with the hackers by a security researcher in California, Haseeb Awan, who was communicating with them because, he said, a number of them had previously targeted him and a Bitcoin-related company he once owned.
According to the participants in the events, the communication between the hackers was carried out in the Discord messenger. At the center of the whole scheme was user Kirk. It was he who withdrew funds from the wallet where the scammers asked to transfer bitcoins, the publication reports with reference to its own analysis of transactions in cryptocurrency.
User Lol shared with the publication screenshots of the correspondence with the user under the nickname Kirk, in which Kirk claimed to be working on Twitter, so he has access to the accounts of users of the social network.
“Bro, I work on Twitter, don’t show this message to anyone seriously,”Kirk.
It is noted that user Kirk was not widely known in hacker circles until the attack on Wednesday. His Discord profile was not created until July 7th. Even for other hackers who worked with him, his identity remained unknown.
The break-in participants “met” shortly before the start of the entire operation. Kirk contacted Lol on Tuesday night and Wednesday – Ever so anxious on Discord, where he invited them to become intermediaries – to sell Twitter accounts on the Internet, according to the publication. Lol and Ever so anxious already had an established reputation on OGusers.com, where hackers sell “valuable” social media names stolen from users. Usually such names – @dark, @w, @l, @50 and others, which the newspaper cited as an example – consist of a single number or letter and thus attract attention, which makes them very valuable, the newspaper notes.
For each transaction carried out Lol and Ever so anxious, its own share was relied, the newspaper writes. These operations showed how widespread Kirk had access to Twitter systems: he could quickly change basic security settings for any user and send photos of posts from internal Twitter systems as proof that he was in control of the accounts.
One of the buyers who acquired the name @6, the well-known hacker PlugWalkJoe, behind which the 21-year-old Briton Joseph O’Connor is hiding, told the publication that, according to other hackers, Kirk gained access to Twitter systems and servers when he was able to get into company channel in Slack corporate messenger.
According to those with whom the newspaper managed to communicate, 3:30 p.m. Eastern time on Wednesday, Kirk switched to hacking the accounts of famous people – ex-President Barack Obama, businessman Elon Musk and others.
According to Lol, only Kirk was behind the hacking of celebrity accounts. He later stopped responding to his intermediaries.
“I just wanted to tell you my story because i think you might be able to clear some thing up about me and ever so anxious,”“lol” said in a chat on Discord, where he shared all the logs of his conversation with Kirk and proved his ownership of the cryptocurrency accounts he used to transact with Kirk.
Although Lol did not reveal his identity, he told the publication that he lives in the USA and he is about 20, and his friend with the nickname Ever so anxious said that he is 19 years old, he lives in the UK with his mother.
Who is behind the nickname Kirk, as well as his motives could not be established, the newspaper writes.
The newspaper claims that the investigators leading the burglary case have confirmed that some of the details shared by the hackers with the publication coincide with what has so far been established as a result of the investigation.
Previously unknown persons hacked the accounts of a number of American celebrities. Among the victims of the hacking were former US Vice President Joe Biden, ex-President Barack Obama, Tesla and SpaceX founder Elon Musk, billionaires Bill Gates, Michael Bloomberg and Warren Buffett, Amazon CEO Jeff Bezos, rapper Kanye West, Apple, Uber other. The authors of the messages in the hacked accounts promised to return the bitcoins sent to them within 30 minutes in double size.