Hackers Take Over Jack Dorsey’s Twitter Account

The Twitter account of Jack Dorsey, co-founder and chief executive of Twitter, was briefly taken over by hackers over the weekend.

The attackers apparently used a SIM-swapping attack to access the account, security experts said.

Credit for the hack was taken by a group calling itself Chuckling Squad.

Dorsey’s account tweeted racist and offensive remarks for about 15 minutes late on Friday.

SIM swap

Twitter said a security lapse at an unnamed mobile operator allowed the attack to take place, and said its own systems remained secure.

“The phone number associated with the account was compromised due to a security oversight by the mobile provider,” Twitter stated.

“This allowed an unauthorised person to compose and send tweets via text message from the phone number. That issue is now resolved.”

Security journalist Brian Krebs said it appeared that Dorsey had been targeted by a SIM-swapping attack, and an unnamed source confirmed to the BBC that this was what had occurred.

SIM-swapping involves an attacker tricking a mobile operator into transferring a phone number to a SIM card under the attacker’s control.

In this case, the attackers apparently hijacked Dorsey’s phone number, and then used it to post messages directly to Twitter via text message.

Twitter launched in the days before smartphone apps, and still allows messages to be posted via text message.

Embarrassment

The hackers’ messages, some of which were posted directly and others of which were retweeted, included racist remarks and a bomb threat.  The account has more than four million followers.

A chat channel on the website Discord was also apparently set up by the hackers to joke about the incident.

The channel has now been shut down and the offending tweets removed.  Some of the Twitter accounts named in the tweets and retweets were suspended over the weekend.

Chuckling Squad has taken credit for a number of recent hacks on Twitter accounts belonging to online personalities, including vloggers and YouTubers.

The incident comes at a time when Twitter and other social media companies are under fire over a range of privacy and security issues.

It’s an embarrassment for the service, which is used by prominent world leaders including the US president.