BREAKING: Day of the checkmark has begun. Checkmarks are blocked from tweeting (temporarily)

1  2020-07-15 by betterdeadthenfed

50 comments

Somewhere in Twitter HQ, there's a button to silence every single blue checkmark. Another button deletes all their followers, without an explanation. Right there, that's our scold-the-president button. Any president. Button to unpin all tweets that match search term "my*onlyfans".
But you can't press any of those buttons, dramatard. Your shift is over.

As you clock out, pudgy jewish broad wearing homemade holocaust badge handcuffs herself to the front door.

go on 👀

Maybe she's just a Texas Ranger

I'm getting hard, keep going

Wait seriously? Have I died and gone to the great beyond? Where are my 72 virgins?

Hiiiiiiiiii ☺️

Journalist = Spy

Western media is an arm of the totalitarian western security apparatus. No western source should be cited or trusted on any matter, citing a western journalist is essentially like citing the CIA.

This but unironically

[removed]

Just came back but there has been some kind of gigantic hack of Twitter at a site level. The BTC scam link used received over 100k USD.

Either a Twitter admin account got owned or there is an API 0 day.

Shame the attacker didn't do something crazier - imagine the drama they could have wrought.

It's got to be a demo. They had Space Daddy's account. They could have set up impossible-to-trace puts on TSLA and made millions by having him tweet something crazy.

Shit they could have started a war by having Daddy tweet something crazy.

Just a simple Bitcoin scam? No fucking way.

there's screenshots of the twitter admin panel floating around.

Really. Now that's interesting. Maybe this was just someone in over their head? Or why else would you leak that?

Targeted at Twitter itself, maybe? This doesn't make them look good.

who knows.

Targeted at Twitter itself, maybe? This doesn't make them look good.

It's possible. I think it's likely they just wanted a bunch of money, but I think making Twitter look terrible is also a benefit.

Like the security tools to protect admin accounts for reddit are much stronger than this, since they use stuff like 2FA (for admins it has been around since at least 2015 or so iirc), and have procedures to deal with this sort of thing in a much quicker manner.

I'm surprised it took as long as Twitter did for them to do so much as block the bitcoin address being posted.

Their admin panel looks decent, but it shows everything, from linked email addresses to phone numbers. Here's what it looks like, with all of the personal details censored. It's likely how things got reset.

You either just edit the email, or there might just be a dedicated button to reset the password.


Some of the more interesting takeaways from this:

  • Twitter can, and uses the ability to, block people from showing up in search
  • Twitter can, and uses the ability to, block people from showing up in trending

It isn't exactly "shadowbanning" as in the formal definition, but the people talking about it were using this stupid mangled definition to mean "blocked from search" or "blocked from trending."

I just feel like there are so many better ways to make money from this. It makes it feel really amateurish. Which is frankly the scarier scenario imo. Was Twitter admin security so lax that Bitcoin scammers were able to Tweet using any account? Even the former Vice President and President?

Could they have tweeted from Daddy's account, "I'm launching nuclear missiles at Tehran!"?

This could have caused an international incident and is more proof that social media is the real plague.

Maybe they were worried about what would happen if they got caught. A $100k bitcoin scam is a lot less serious than tanking the stock market, or inciting nuclear war. Also it's safer in general - a bitcoin scam is easier to get away with than some of the other high-payoff shit they could have done.

Going for small potatoes like this might actually be a smarter move.

Given what Twitter is claiming, your first theory seems right.

https://twitter.com/TwitterSupport/status/1283591846464233474

We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.

Holy fucking shit.

It could be a legitimate security firm doing this underhandedly to market their pre-existing research/products on the subject.

The guy was shitposting with we wuz kangs pol stuff on his own Twitter account. He probably didn't want deumf to lose.

Hahahaha it was a poltard? The mysterious hacker known as 4chan strikes again!

I'm trying to find a picture but I'm pretty sure twitter has purged most of them. He made an account with proof of the admin tools to blacklist people, he had 814k followers basically in hours and his profile picture was this with Epstein's black book as his background picture.

Holy shit that's hilarious. He's probably going to get caught too so that'll be funny

If they managed to hit an admin with a phish then a bot could easily log in to their tools even before a 2FA token expires. And once they're in, they're in.

maybe but you'd also have to grab the OTP code from the admin if they set up their system correctly unless you can just go into the admin tools without any reauthentication at any point, which is somewhat alarming.

I honestly don't see a phishing angle to this, because you'd have to know enough about the internal system to get access to it.

I bring up the model of reddit because it's the one I know, but it prevents a lot of problems by adding a second step. If I want to grant myself admin powers as an admin, I would need to do a few things

  1. I need to login with my credentials (and OTP code).
  2. I need to click "turn admin on"
  3. I need to reenter my password and OTP code.
  4. I can then perform administrative actions across the site such as banning subreddits, reading your raunchy PMs.

Oh and if someone gains access to my account, a person who has shell access can go into the shell and edit the liveconfig and kill my admin perms, reset my password, and suspend my account while I get my shit together.


The last point is a bit important too because this wouldn't have happened if there was any semblance of monitoring or reporting tools available to a more senior person to fix it.

You have much more faith in twitter's protection of their admin tools than I do hahahah. We can at least agree on the ridiculous lack of oversight though

yeah. I guess it's just baffling to me that this was like "everything burning for 6 hours" and not "someone got kicked out of the admin panel within 10 minutes"

Impossible to trace puts are hardly a thing. The trick is to have no-one looking into your shorting.

I mean I figure if you placed the orders under multiple stolen IDs over the course of a few days and then laundered the gains through Bitcoin etc, that should be pretty difficult, if not impossible to trace, I would think.

I guess it's doable, yet the logistics scare me. Those stolen IDs won't be coming in with cash, you need bank accounts and make them not tracing to you. Then you need to get the money fast enough, which they might have some time limits in place for lump sums, especially for shorting cases. Then you need to get the money to bank accounts that should not trace to you, then you need to launder the BTC through merging pools because BTC is absolutely transparent. Then you have the issue of BTC having dirty and clean coins. Then you need to safely convert BTC to fiat in an untraceable manner.

On top of that, there can be some ML algo sniffing out these fork-join account patterns in real time.

Oh for sure it would be a pain to set up but it's doable if you're looking to make millions. That's why this feels so amateurish to me. 100k seems like a small amount considering all the scrutiny this is going to be under.

I wouldn't risk decades in prison for 100k but I could imagine some lucky but not so smart Bitcoin scammers doing it.

If the hacker lives in Abkhazia, Transnistria, or the disputed Ukrainian territory, he's risking nothing.

True. Maybe I just wish they did something more substantial. Still feels like amateur hour to me though.

It'll follow the economy, as is tradition

That gets so complex so fast, and any crumb could be the one that the NSA uses to bust you. Why risk a fat, clean payday, with shit that will surely get you busted?

I suppose so. I just feel like a more sophisticated attacker could have done that from overseas without too much risk.

They definitely have added security on dipshit's account. The fact that he wasn't hacked too proves it.

Probably only CTO and select staff are allowed to even look at it after going through hoops in pairs and logging what they do.

True. Didn't some Twitter employee ban Daddy's account for a little while one day? Probably added more security then too

Yeah. They were fired and deleted it as a parting shot.

The real interesting thing here is that the DMs were accessible so get ready for supposed screenshots to make the rounds.

🙏🏾🙏🏾🙏🏾 thank you drama gods 🙏🏾🙏🏾🙏🏾

over a 100k? How does 10 million sound???

It's actually kind of crazy, they literally programmed a way to make people tweet whatever they want into Twitter admin access itself. They could just make trump tweet n bombs whenever they want.

Twitter is going full CHAZ

u can't say that and then not post a link for those of us who don't use that trash website

Looks like Twitter may not be as r-slurred as I previously thought.

Indeed, they're even more retarded than previously thought possible.

it's hilarious right now make it permanent.

this is like cocaine but retarded and I love it

inshallah