Picking up the pieces after the @N Twitter account theft

Two days ago, Ars ran a syndicated story by software developer Naoki Hiroshima on how his potentially valuable Twitter handle was stolen (the story originally appeared on Medium). Hiroshima described a painful ordeal wherein an attacker extracted credit card information from his PayPal account, used that information to reset the login credentials for Hiroshima’s GoDaddy account, and then changed the MX records for Hiroshima’s domain (the set of DNS entries that tell everyone else on the Internet where to send that domain’s e-mail) to point away from Hiroshima’s servers and to the attacker’s own. The attacker also appeared to have modified a number of other details of Hiroshima’s GoDaddy account, making it impossible for Hiroshima to gain access. The attacker then attempted to reset the password to Hiroshima’s Twitter account, “@N,” but was unsuccessful.

Unable to gain access to the @N account, the attacker then e-mailed Hiroshima and threatened to take action against Hiroshima’s website’s domains unless he changed his Twitter handle to something else, allowing the attacker to assume the “@N” handle—which he would then presumably sell.

Hiroshima attempted to regain access to his GoDaddy account, but GoDaddy wouldn’t restore his access, because Hiroshima no longer appeared to be the legitimate owner of the account. Even involving a GoDaddy executive didn’t appear to fix things. A day later, after further threats from the attacker, Hiroshima surrendered the @N handle, and the attacker promptly sent Hiroshima his GoDaddy login credentials. It was a successful hostage exchange, as such things go, but Hiroshima found himself victimized with no apparent recourse other than acceding to the attacker’s demands.


via Ars Technica http://ift.tt/1desqtj
