While the twitter hacking scheme targeted several popular corporate, political, and cultural personalities, the hackers initiated teasing messages involving two hackers on late Tuesday, visible on Discord.
A user named “Kirk” said “you bro” in a conversation whose screenshot is shared by The New York Times. “I work at twitter / don’t show this to anyone / seriously,” the conversation continued.
Kirk then declared that he is capable of controlling official Twitter accounts of valuable users. This thing can probably happen if the person has internal access to the company’s tools and networks.
Another hacker who uses the screen name “lol” received the message, and within 24 hours concluded that Kirk didn’t work for Twitter but was determined to damage the company’s reputation. But, it was clear that Kirk did have access to the company’s sensitive tools and networks that made it easy for him to take control of the company.
4 people who participated in the hacking scheme had a conversation with The Times and shared several screenshots of the conversation they had on Tuesday as well as Wednesday defining how they were involved in the pre and post hack that came up in the public.
According to The Times analysis report on Bitcoin transactions, Kirk played a central role in the attack laundering money on the same Bitcoin address. The Times came upon this conclusion with the help of a research firm Chainalysis.
In a Discord chat the hacker “lol” said “I just wanted to tell you my story because I think you might be able to clear something up about me and ever so anxious.” He also shared all the logs of his conversation with Kirk and also provided the ownership of the cryptocurrency account he used to make transactions with Kirk.
The Investigators who are looking into this fraud revealed that the details provided by the hackers tallied with what they know so far, including the involvement of Kirk in both big as well as smaller hacks on Wednesday.
In the meanwhile, Twitter revealed that the hackers attacked 130 official Twitter accounts while posting tweets from 45 of them. They also downloaded data from 8 of them. The blog post says,
“We’re acutely aware of our responsibilities to the people who use our service and to society more generally.” “We’re embarrassed, we’re disappointed, and more than anything, we’re sorry,” they added.