Twitter CEO Jack Dorsey’s Twitter account has been hacked by what appears to be the same group that has previously hacked various other high profile YouTubers and social media stars including Shane Dawson, James Charles, and BigJigglyPanda. According to Twitter comms, this hack was once again caused by a phone number being compromised after a “security oversight” from the carrier.
Like with the previous hacks, the group posted tweets to Dorsey’s Twitter account with links to a Chuckling Squad Discord server which they appear to control.
The group also used #ChucklingSquad on some of the tweets which they have done when taking over other accounts.
Another similarity between the hack of Jack Dorsey’s account and the previous hacks of YouTubers and social media stars is that the group flooded Dorsey’s Twitter account with inflamatory tweets while it was compromised.
A further parallel between this hack and previous hacks is that Twitter comms is claiming that “the phone number associated with the account was compromised due to a security oversight by the mobile provider.”
An update: The phone number associated with the account was compromised due to a security oversight by the mobile provider. This allowed an unauthorized person to compose and send tweets via text message from the phone number. That issue is now resolved.
— Brandon Borrman (@bborrman) August 31, 2019
Twitter comms seems to be describing a SIM swap which is the same vulnerability this hacking group appeared to use when hacking the accounts of other YouTubers and social media stars. With these previous hacks, Drama Alert host Keemstar claimed that the carrier AT&T had allowed hackers to call in and SIM swap some of the accounts that were hacked. Several victims of the hacks, including the social media stars Charles, King Bach, and Amanda Cerny, also blamed AT&T for allowing their phone number to be compromised. BigJigglyPanda also appeared to blame AT&T when his Twitter account was hacked earlier this week.
One big difference with this hacking incident is the response time. When BigJigglyPanda was hacked, his Twitter account was compromised for over seven hours, despite many Twitter users flagging the account to Twitter Support and the account itself mass posting content that’s in violation of Twitter’s policies. For Dorsey, the response time was much faster with the account being compromised for just over 20 minutes before either Twitter Support or Dorsey seemed to regain control of the account and delete all of the tweets that appeared to be posted by the hacking group.
After regaining control of the account, Twitter Support has suspended at least one of the accounts that was retweeted by the hacking group from Dorsey’s Twitter account.
— Carpe Donktum🔹 (@CarpeDonktum) August 30, 2019