Hackers used simple SIM swap to take over Twitter CEO Jack Dorsey’s account
The hackers, who call themselves the Chuckling Squad, hijacked Dorsey’s account on Friday afternoon. They were able to tweet out offensive messages before Twitter took back control.
Twitter immediately launched an investigation into the security incident. There were a few theories on what exactly happened, though it appeared that the hackers posted the tweets from an app called Cloudhopper, which the social media platform bought in 2010.
The phone number associated with the account was compromised due to a security oversight by the mobile provider. This allowed an unauthorized person to compose and send tweets via text message from the phone number. That issue is now resolved.
— Twitter Comms (@TwitterComms) August 31, 2019
Cloudhopper allows users to post tweets by texting messages to a certain number. The service only requires a phone number to be linked to an account on the platform, and it looks like Dorsey had his linked.
The hackers were able to acquire Dorsey’s phone number through “a security oversight,” allowing them to send out tweets on his account through Cloudhopper. Regular users, meanwhile, should not worry that the security breach affected everyone on the service.
The method, called SIM swapping, convinces carriers to assign a phone number to a new phone that is in the hands of the attackers. Chuckling Squad has been using the technique for years, with prominent attacks against online influencers, according to The Verge. It also appeared that the group has something going on with AT&T, which is also Dorsey’s carrier. However, it remains unclear how exactly they acquired the Twitter CEO’s phone number.
This is not the first time that Dorsey’s account was compromised. Back in 2016, hackers associated with OurMine took over the account, claiming that they were testing the platform’s security, following takeovers on the Quora account of Google’s Sundar Pichai, and the Instagram, LinkedIn, Pinterest, and Twitter accounts of Facebook’s Mark Zuckerberg.
The new security incident involving Dorsey reveals that his Twitter account is set up like a regular user, with all the vulnerabilities that it entails. It is unclear why the company did not provide additional safeguards on Dorsey’s account to protect against attacks such as SIM swapping, even after their CEO was already targeted in the past.