Twitter Hack: 8 Accounts Compromised, Data Downloaded, Hacker Confesses! New York Times Reveals Young Hacker's Intrusion Process and Motives

According to The New York Times, the recent Twitter hack involving high-profile accounts may have been the work of a few young hackers on Discord, an instant messaging platform.

Here's how the story goes: Someone going by the name "Kirk" claimed to be an insider at Twitter, showing the ability to take control of Twitter accounts. Initially, those who received the message, like "lol," doubted Kirk's claims of being a Twitter employee, but he did demonstrate control over accounts such as Apple, Uber, Elon Musk, Bill Gates, former U.S. President Obama, presidential candidate Biden, and others after the incident unfolded.

Act of Youngsters? Kirk Hacks into Twitter's Internal Communication Channels

According to a report, the attack was not orchestrated by foreign adversaries or professional hackers, but rather by a group of young hackers from the internet. Based on cryptocurrency addresses, along with conversations on Discord and Twitter, it was determined that the hack was carried out by a group of four individuals, with Kirk taking the lead.

lol and another hacker known as "ever so anxious" revealed in an interview with The Times that they initially joined Kirk in his actions to buy and take over some lesser-known Twitter accounts. However, they distanced themselves when Kirk started targeting more high-profile accounts. According to reports, lol is in his twenties and resides on the U.S. West Coast, while ever so anxious is a 19-year-old youth living with his mother in the UK. Both are longstanding users of the website OGusers, where people buy and sell stolen social media accounts at high prices.

Kirk, a new user on Discord, approached ever so anxious and lol before the incident to act as intermediaries in selling Twitter accounts. Initially, lol closed a deal for $1,500 worth of Bitcoin. ever so anxious also advertised on OGusers. As business grew, Kirk demonstrated further his control over accounts, including their security settings.

Another key figure is a well-known hacker nicknamed PlugWalkJoe, who was identified by the cybercrime media Krebs on Security as a suspicious key figure as clues from the compromised Twitter accounts led back to his real identity. The 21-year-old British man, self-identified as Joseph O’Connor, claimed that he only bought the @6 account through ever so anxious and was not involved in the incident. Joseph O’Connor further mentioned that he heard from other hackers that Kirk found a way into Twitter's internal Slack channel (work communication software), allowing him to breach Twitter's servers.

All three individuals who interacted with Kirk before the incident stated that they were not involved.

Post-Incident: Twitter's Investigation Report

Twitter released a statement last Saturday, stating that hackers manipulated Twitter employees to take certain actions that allowed them to control employee accounts, even those with two-factor authentication (2FA). Ultimately, the hackers targeted around 130 accounts, reset the passwords of 45 accounts, and downloaded data from eight accounts. Twitter also confirmed that the hackers indeed attempted to sell some accounts.

Regarding whether more private information was compromised, Twitter mentioned:

1. Hackers could not view previous account passwords
2. Hackers were able to view user information, including email addresses and phone numbers
3. Messages from compromised accounts could be viewed

Twitter is currently in contact with the affected accounts to verify if any undisclosed data was breached. During the investigation, the owners of these accounts cannot download their data. Twitter also stated that they will take more proactive measures to ensure security and will release more details in the future.