Hackers are claiming that they have found ways they can take control of Twitter accounts that are suspended and inactive and they are now selling the accounts on the social network.
The group of hackers which calls itself ‘Spain Squad’ said that they had managed to gain control of several accounts thanks to the exploit they had discovered. Some of the exploited accounts include @Hell, @Hitler, @Nazi, @ak47, and @1337.
The interesting case comes into play because records contained by the Internet Archive clearly show that the accounts were really suspended including the @Hitler and @Hell accounts. Other accounts such as the @AK47, @megaupload and @1337 have been inactive for along time already. However they had no apparent links to any hacking groups before they were taken over.
When asked to comment, Twitter refused to, but they have since resuspended the accounts which were part of the group. Whether the social media giant was aware of the exploit before it came out as a report is still unknown, but at least they have moved to suspend the accounts involved.
When Twitter suspends an account based on their rules violations, then it becomes hard for someone to come in and create a new account with the same username, it becomes unavailable. Therefore the fact that hackers found a way to reactivate a suspended account with a username that should not be working is worrying.
Another thing is that accounts are not usually deleted because of their inactivity, therefore when a user wants to start by creating an account with a username that is already in use even though it is not possible.
The username will be permanently unavailable to other users. Therefore it’s unclear at the moment how the hacker group managed to do what it did. One more worrying thing is that no one outside the Spain Squad circle knows how the exploit is being used by the group. The group has also managed to capitalize on this issue and they have now started selling the accounts on Twitter.
The problem might be due to Twitter’s software problems, or maybe a staffers account which might have been compromised. Another issue is knowing whether the problem is still there or it was settled by the suspension of the hijacked accounts which the group was selling then.
Some of the accounts which were for sale displayed registration dates of September 2016, even though the archives showed that some of the accounts should actually show dates before. But do these accounts appeal to anyone? Some analysts believe that a short, and cool looking Twitter username might be considered good in the hacker circle. Some people are even willing to pay money to access these kind of accounts, therefore there us clearly a market for these kind of Twitter accounts. There is an underground market for the Twitter handles as people clamor to buy them.
One Spain Squad member going by the name Akma said that the group did not want to talk about its exploit because they didn’t want it to be patched anytime soon. He was talking through the LizardSquad Twitter account before it was resuspended. He however said that there was an apparent exploit and said that through it they could get any Twitter account they wanted if it was inactive for more than six months. He also claimed that they were capable of suspending and unsuspending Twitter and any account on the social media network. He also said that they could switch handles of any account they wished to.
Researchers have not seen any clue of how the group could swap accounts or suspend them as Akma claims, but Akma threatens that he will do it to one hacking group on Twitter.