Jack Dorsey, the Twitter CEO, had his account hacked on Friday by a group known as the Chuckle Squad.
The hackers tweeted racial slurs and Holocaust denial from Dorsey’s account in tweets that have subsequently been deleted. The attack lasted around 15 minutes before the posts were removed from the site.
How did it happen?
Twitter have placed the blame squarely with Dorsey’s mobile provider rather than their own security being compromised, claiming:
The phone number associated with the account was compromised due to a security oversight” which “allowed an unauthorised person to compose and send tweets via text message from the phone number.
The hacking technique is known as ‘simswapping’ or ‘simjacking’ and involves taking an existing phone number and then transferring it to a new SIM card.
According to the BBC this is often accomplished by tricking, or bribing customer support staff at a mobile provider.
The tweets appear to be sent via Cloudhopper, a company that Twitter previously bought to aid its SMS service. The SMS method of updating a Twitter account was commonly used during the early days of the social media site and is sometimes cited as the reason for character limits on Tweets. More recently the Tweet method is used within developing countries where data costs are often high.
Who is responsible?
The hack appears to be the work of the Chuckle Squad, the group responsible for Twitter attacks on a number of celebrities last week including YouTuber and beauty vlogger James Charles.
What was posted on Jack Dorsey’s Twitter account?
Multiple racist and antisemitic messages were tweeted from the CEO’s account, along with a link to a Discord server that the group asked people to join.
The invitation link has since been deactivated with a Discord representative telling The Verge: “Both the server and the server owner were permanently removed from Discord within minutes of this being reported to us.”
The offensive messages that came directly from the @jack account used the n-word and made anti-semitic comments regarding the holocaust, including claiming that ‘Hitler was innocent.’ At one point the hackers also suggested there could have been a bomb within the Twitter HQ, and encouraged followers to help them get Chuckle Squad trending across the social media website.