Hackers found a way to resurrect suspended and inactive Twitter accounts
"Spain Squad" gained control of a number of accounts they allege were obtained with the exploit, including @Hell, @Hitler, @Nazi, @ak47, and @1337.
Worryingly, the Internet Archive shows that several of the handles held by Spain Squad were previously suspended - including @Hitler, @Hell, and @LizardSquad, an account previously owned by the notorious hacking group of the same name.
Twitter declined to comment, but has since (re)suspended all the accounts apparently obtained using the vulnerability. It's not clear whether the social network was aware of the vulnerability before Business Insider reached out for comment.
Once an account has been suspended by Twitter for rules violations (such as harassment or spam), there is not normally any way to create a new account with the same username - it is permanently unavailable. As such, the fact that hackers found a way to resurrect suspended accounts could have had worrying implications.
Similarly, accounts are not normally deleted for inactivity, so if someone chooses to abandon their account, their username should be permanently unavailable to others (unless Twitter chooses to delete an account to free it up).
It's not clear how Spain Squad has been doing this: Unlike previous exploits that have been used to steal Twitter accounts, it looks like no one outside of Spain Squad knows the secret to the alleged exploit - and the group capitalised on this to try and sell the valuable accounts.
It could be a vulnerability in Twitter's software, a compromised staff account, or some other explanation. It's also unclear whether the exploit is still active, or was patched concurrently with the banning of the hijacked accounts.
Most of the accounts in question (before being suspended again) displayed registration dates of September 2016 - despite archives showing these accounts should actually be years old.
What's the appeal of these accounts? Short, interesting, or "cool" handles for Twitter (and other social network platforms) can be a kind of status symbol for some in hacker-y circles. People are even willing to pay money for them, so there's a minor underground market in jacking "OG" handles and selling them on. (Brian Krebs, an independent security journalist, wrote a good piece on the phenomenon back in November 2015.)
A Spain Squad member called Akma, speaking via the @LizardSquad Twitter account prior to its re-suspension, told Business Insider that "we don't want to talk about our exploit ... we don't want get patched soon."
But they did provide more detail about the apparent exploit, claiming that they "can get any [account] if he has an activity on his account for more than 6 months ... we can suspend Twitter ... and we can unsuspended Twitter ... [and] swap @ to other @user."
He added: "You can see what tweets I post, just for fun. After this, we going to deactive accounts or suspend again."