Two More Twitter (X) Accounts Hacked - Secure Your Accounts Now!

8uVB...zE69
26 Feb 2024
242

Recently two influential Twitter accounts were hacked and were used to post cryptocurrency wallet drainier phishing links to their followers.

Please keep reading because your data may have been leaked, and there is a lot you can learn from the two Twitter (X) hacks to prevent the same from happening to you.

Invest Answers Twitter Account Hack Review

The Twitter (X) account invest_answers, which belongs to James Mullarney, is followed by over 181,000 people.

The YouTube channel InvestAnswers, which also belongs to James Mullarney, is followed by over 477,000 people.

On February 7th, James Mullarney discovered his Twitter account had been hacked. Then, he proceeded to make three YouTube videos to warn his followers.
In the first YouTube video (only 56 seconds), JM warns his followers that his Twitter (X) account has been hacked.

He also explains that his Twitter (X) account is protected with a Yubi security key (two-factor authentication), so he cannot figure out how the hackers have managed to hack it.


Later that same day, in a three-minute YouTube video, JM explains that in addition to his Twitter (X) account, his mobile phone number and Yahoo email accounts were hacked.


By the end of February 7th, in an additional video, JM explained that he had regained access to his mobile number and email account but was still locked out of his Twitter (X) account.


Eventually, on February 10th, JM got his Twitter (X) Account back.


Unfortunately, we don’t know exactly how the hack happened because JM has no more information.

But here is our speculation on how the hack could have happened based on the information that JM has made available:

We know that recently, there has been a massive data leak, named by some as the mother of all breaches, and it could be that JM’s Twitter data (e.g., email accounts and phone numbers) has been made available to hackers and scammers.


With that data, the hackers may have taken over James’s Twitter account as follows (again, this is only speculation):

  1. The hackers may have conducted a SIM swap attack to take over James’s mobile phone number as a first step towards hacking into his Twitter account.
  2. Once they had control over the mobile phone number, they could have initiated a Yahoo account recovery process and taken over JM’s Yahoo account.
  3. Once they controlled JM’s Yahoo email account and mobile phone number, the hackers could have initiated a Twitter account recovery process and taken over JM’s Twitter (X) account.


This may be why the Yubi security key 2FA was ineffective in protecting JM’s Yahoo and Twitter accounts. 

The hackers didn’t hack into JM’s accounts but initiated effective recovery processes because they controlled JM’s mobile phone number.

. . .


Regarding how the hackers took control of JM’s account, we know that having access to an influential Twitter account allows hackers to post malicious links to phishing websites. 

Once a victim has clicked over the malicious link and accessed the malicious website, the victim is asked to connect their wallets and approve a malicious Wallet Drainer contract.

Let’s hope those who fell for the hacked Twitter (X) posts had the right tools to flag a malicious website.

How To Identify Phishing Websites — 3 Free Tools



Lawrence Lepard Twitter Account Hack Review

Let’s look at a second Twitter (X) account hack that happened around February 10th, this time to Lawrence Lepard, who has over 160,000 followers on Twitter.

Luckily for us, from LP himself, we have information on how the hackers managed to take control of his Google email address and his Twitter (X) account.


This is an extract from LP’s Twitter post.

We have highlighted in bold the most relevant information:

"I am publishing this highlighting my own stupidity and as a warning for others so this does not happen to them.

Last Saturday i started receiving SIM SWAP requests on my cell phone from my cellular carrier. Someone was trying to steal my number. I replied NO, multiple times but they kept on coming. I called my cell provider and locked my SIM card down. (step 1, correct move). Then I started getting email and text requests to change my password from all kinds of accounts. Someone was clearly attacking my digital identity. Where i fucked up is one of these requests was a text message, pretending to be from Google's Gmail team saying someone was trying to compromise my Gmail account and I had to call them immediately. (this was a PHISH) but I was freaked out and so i fell for it. I called, got someone who sounded official and he said to read back my G mail 2FA number he sent me. Boom. He had control of my email and then instantly used that to gain control of Twitter since Gmail was my Twitter 2FA. What a mess. They had my email and my Twitter. They were after my 159K Twitter followers and instantly used the account to post a Shit Coin Crypto scam where if you clicked on the link your wallet got drained.

Long story short I was lucky because my daughter works at Google and saved my ass, got a high level tech guy to undo the email hack. (Dad, you are an idiot, Google will never call you!!!!). Getting the Twitter back was more difficult. Want to keep some of it private, but suffice it to say that high profile people have to take extra precautions. There are some excellent consultants and services that can help with this. In particular, there is a SIM SWAP prevention service called EFANI and I am in the process of onboarding with them. Apparently there is corruption within some of the cellular carriers and corrupt employees can be bribed to conduct SIM swaps. I am not sure exactly how prevalent this is, but I do know that if you get SIM swapped it is very bad. Thus ends the lesson."

We can take from the tweet that LP also suffered a SIM SWAP attack that didn’t succeed.

The hackers then used social engineering to bypass the Two-Factor authentication (2FA) protection and access his Google account

Once the hackers had access to the Google account, they used it to get access to the Twitter (X) account.

Finally, when the hackers controlled LP’s Twitter (X) account, they posted malicious wallet drainer links.


What Have You Learnt From These Two Stories?

Please, take a few seconds to reflect on what you have just read, and then let’s look at what we have learned together.
.
..

….
…..
First, SIM Two Factor Authentication is not good enough as a Two-Factor Authentication (2FA) method. Because as we have learned, it is quite easy to perform a SIM SWAP and take control of a mobile phone number. 

Here are two more SIM SWAP attacks examples:
Mark Cuban 870K USD Hot Wallet Hack -Could Have Been Prevented?
Blockchain Capital Bart Stephens SIM SWAP Hack — Could Have Been Prevented?

Second, linking your phone number to any of your accounts is not advisable as an account recovery method. 
This is because, after a SIM SWAP, hackers can use the hacked mobile number to recover and take control of your email account.
Once the hackers have gained access to your email account, Twitter account, or YouTube account,… they will unlink your mobile number from those accounts, so even if you revert the SIM SWAP, you will still be locked out.

Third, you must educate yourself on how hacks and scams work.
Even people who take security seriously, like James Mullarney, who uses a security key to protect his accounts, can make mistakes due to a lack of awareness.
It's still speculation, but his downfall may have been to use his mobile number as a recovery method for his Yahoo account.
Or, like in the case of Lawrence Lepard, you must be aware of how sophisticated a social engineering attack can get. 
Next time someone from customer support contacts you to provide sensitive information, we hope that LP’s situation comes to your mind.


The more you know, the better you will be prepared to prevent hacks and scams.


Has Your Twitter Account Data Been Leaked?

If you want to know if you may find yourself in the same situation as JM or LP:

First, check if your personal information has been leaked.

  • If your personal information has been leaked, you must be aware that there is a high probability that you have become a target.
  • For example, if you are a Ledger data leak victim, your mobile number may have been compromised, and you need to take steps to make sure that your SIM card is SIM-SWAP protected. Plus, be aware that you will receive phishing calls and text messages. So better learn what vishing or spear phishing attacks are and how to protect yourself from scammers.



Second, Make sure that your SIM Card lock is enabled.

  • If you are a public figure, a SIM card lock may not be sufficient, so consider taking additional steps, such as the EFANI mobile services protection that LP mentions in his tweet.


Third: Change your key account passwords and ensure your new passwords are strong and unique.

Lastly, increase your digital and crypto security and safety awareness.

_____________________________________________________________


Congratulations on completing this 5-minute crypto and digital safety power-up.
We hope this 5 minutes read was worth the time and that you have learned some valuable information.
Please consider subscribing to our blog for shorter but more important articles about crypto and digital safety.

Crypto Safety First,

Crypto Safety First

Subscribe
Enjoy this blog? Subscribe to CryptoSafetyFirst

19 Comments

B
No comments yet.
Most relevant comments are displayed, so some may have been filtered out.