twitter Archives - SocialHax

YouTube Staffer Live Tweets Shooting, then gets his Account Hacked

Posted on April 3, 2018by adezero

A YouTube staffer was live-tweeting about the active shooting when it happened at the YouTube headquarters earlier today. Shortly after, his Twitter account was briefly hacked.

Earlier today, a woman open fired at the YouTube headquarters and tragically shot 3 people before taking her own life. Vadim Lavrusik, a product manager at YouTube, was live tweeting the incident as it was happening.

Active shooter at YouTube HQ. Heard shots and saw people running while at my desk. Now barricaded inside a room with coworkers.

— Vadim Lavrusik (@Lavrusik) April 3, 2018

Not an hour later, Lavrusik’s account was breached by hackers.

At about 2:10 p.m., after Lavrusik tweeted that he was safe and evacuated, a new tweet came up from the account, writing, “PLEASE HELP ME FIND MY FRIEND I LOST HIM IN THE SHOOTING,” with a Flipboard URL linking to a photo of KEEMSTAR, a YouTube personality.

Three minutes after that tweet, another post came in saying, “my name is so gay honestly.” -CNET

looking like someone hacked vadim’s account, per last two tweets pic.twitter.com/Hy66RxAWXj

— ಠ_ಠ (@MikeIsaac) April 3, 2018

Twtter’s @Jack was alerted to the issue and promptly restored his account.

Three people have been reported to be injured in the shooting, they have been taken to the hospital.

News Social Media

2600 Magazine Offers $10K for Access to Donald Trump’s Tax Return

Posted on September 28, 2016by adezero

The Twitter account that represents 2600 Magazine – The Hacker Quarterly says they will offer $10K for first access to Donald Trump’s tax return. They also say that identities will be protected and provide a PGP key.

We are offering $10K for 1st access to @realDonaldTrump's tax return. Identity protected, PGP key at https://t.co/oU079zJ4YV [email protected]

— 2600 Magazine (@2600) September 28, 2016

Twitter users responded with several funny comments:

Assange rn@2600 @realDonaldTrump @wikileaks pic.twitter.com/IyNz2cFbvV

— Eating Machine (@emmajaniejones) September 28, 2016

@2600 Please tell me that when you release it, you'll tell the press that it was obtained by "the hacker known as 4chin"

— John Shade (@John5hade) September 28, 2016

@2600 @realDonaldTrump. How about $10K for Hillary's deleted e-mails?

— Jim (@TypeError_) September 28, 2016

"Hi IRS this is the real actual Donald Trump. I just wanted to make sure that my refund's gonna be YOOOGE"

— r000t (@rootworx) September 28, 2016

There have been many recent attacks on the Democratic National Committee including the Guccifer 2.0/Wikileaks release of DNC emails and more recently a possible hack of some of the party member’s phones. Some say that hackers have been focusing too much on exposing the DNC and not enough on the RNC. Perhaps this is the opportunity they have been waiting for.

2600 has also extended the offer to Trump himself:

Incidentally, we will also pay @realDonaldTrump $10K if he gives us his tax return first. Or anyone in his campaign or family. Fair is fair.

— 2600 Magazine (@2600) September 28, 2016

Hacking News Social Media

Hackers Find Exploit and Reactivate LizardSquad’s Twitter Account

Posted on September 3, 2016by adezero

On September 2, hackers calling themselves “Spain Squad” used an exploit to take control of several previously suspended Twitter accounts. Among these accounts were usernames like @Hitler, @botnet, @LizardSquad and @1337. Twitter re-suspended all of the breached accounts shortly after the hack, but it is unclear whether or not they are still vulnerable to this exploit.

One of the hackers aligned with Spain Squad tweets about reactivated accounts.

“It could be a vulnerability in Twitter’s software, a compromised staff account, or some other explanation. It’s also unclear whether the exploit is still active, or was patched concurrently with the banning of the hijacked accounts.” (Business Insider)

A spokesperson for the hacking group has stated they can do even more than recover old accounts with the exploit they found:

“The new exploit allows Spain Squad to change to suspend active accounts, change a user’s Twitter handle and even take control of active accounts. So far, the group has only demonstrated the ability to recover officially suspended accounts — though all of those have already been re-suspended by the social media company.” (Engadget)

Twitter actively suspends accounts that violate their Terms of Service (TOS). Sometimes these suspensions can be temporary and the user is able to restore their account after acknowledging broken rules and promising not to violate TOS again. Often, the user must delete offending tweets before the account will be restored. Alternatively, a Twitter account can become permanently suspended, which means the account is never to be restored under any circumstances. Restoring access to accounts that were thought to be never again accessible could prove to be profitable for hackers selling screen names that may be valuable. However Spain Squad claims to be non-malicious. Whatever their intent, they were definitely doing some of it for the lulz when they took control of the LizardSquad account:

Hacking News

Did Another Hacker Steal NSA Exploits from the Shadow Brokers?

Posted on August 22, 2016by adezero

A Twitter user who goes by @1×0123 claims to have stolen the data that The Shadow Brokers hacked from the NSA.

Gizmodo reached out to the hacker and were unable to verify their claims. However, back in April, NSA whistleblower Edward Snowden, gave them praise for reporting a vulnerability which may lend some credibility.

Thanks to @1×0123 for reporting a piwik vulnerability to @FreedomofPress! Great work. Got a bug report? Please contact @ageis with details.

— Edward Snowden (@Snowden) April 10, 2016

The hacker says they just need “some money to pay bills and stuff” and offered to share 50% of it with Gizmodo if they wanted to make an offer.

Hacking News Social Media

Anonymous Hacker Brings Harambe Back to Life on Twitter

Posted on August 21, 2016by adezero

On Saturday, the Cincinnati Zoo director, Thane Maynard’s Twitter account was breached. The hacker changed Maynard’s profile photo to a pic of Harambe.

Harambe was a silver-backed gorilla who was shot and killed at the Cincinnati Zoo when a 3 year old boy fell into the gorilla’s enclosure. Many people online had strong opinions about this story ranging from believing the parents of the child should be held accountable for Harambe’s death to supporting the killing of the gorilla because the child was in danger. Some even believed the child was in no danger and that both lives could have been spared. Anthropologist and UN Messenger of Peace, Jane Goodall says that the Harambe story “highlighted the danger of zoo animals in close proximity to humans and the need for better standards of care.” (Wikipedia)

The hacker who took over the Cincinnati Zoo director’s account also tweeted Harambe sympathizing hashtags such as #JusticeForHarambe and #DsOutForHarambe. The hack continues on through Sunday – the hacker telling the zoo employees to beg for their account back. Twitter user @prom has taken responsibility for the hack and says he doesn’t “worry about legal consequences at all.” (Cincinnati.com)

WATCH VIDEO – Gorilla zoo boy: did Harambe at Cincinnati Zoo deserve to die?:

Photo Credit: Julia Koefender – Flickr Creative Commons

Internet Social Media

How Should Social Media Sites Respond to Suicidal Posts?

Posted on April 22, 2016by adezero

Today, news outlets are reporting on a CDC study that indicates suicide rates in the U.S. are on the rise. What role, if any, should social media sites play in helping to decrease these suicide rates? In this new era where everyone shares every detail of their lives online, we are also seeing an increase of suicide notes and suicidal intentions posted on various social networks.

A couple of days ago on April 20, a high school student took his life after posting a short video on Instagram that began by saying, “Hey, so, I’m killing myself. Goodbye.” According to Nola.com the young man then said he “could not live happily because “my morals are totally different from the world around me.” Tragically, he used a pistol to take his own life soon after.

Many are questioning whether or not Instagram should have played a role in helping to prevent this suicide, or at least should have taken quicker action removing the video. As pointed out on Nola.com, the video stayed up for around 24 hours, had over 900 comments and over 15,000 views. There is an option for users to flag posts for “self-harm”, so it seems likely that a number of people who saw this post would have reported it. According to their Terms of Service, Instagram does not allow posts that glorify self harm or suicide. Some are left to wonder if this video fell within that category.

There wasn’t a lot of time between when the video was posted and when the student took his life, so it may have been nearly impossible for anyone to intervene, even if Instagram did get involved. But why was the video left up for a full day? One explanation is that Instagram has such a large number of flagged posts to sift through and this one might have escaped automatic filters. The post was eventually taken down, so it does seem that the video had violated TOS in some way.

Another example of someone posting their intention to kill themselves on social media is the case of 27 year old trans-woman Kate von Roeder who took her own life in 2014. She posted a suicide note to Facebook shortly before it happened. The post is still visible today and it can be seen in the comments that her friends are pleading with her not to do it and to seek help.

(a warning to more sensitive readers – this is a suicide note and may be triggering):

Should sites like Facebook, Instagram and Twitter be required to police self-harm-related or suicidal content? Currently they send a message to users who post such content and tell them to seek help. They also will point them to suicide hotline phone numbers. Could social media sites do more than this to help prevent suicides? When suicide notes are posted, should they be allowed stay up even if the person has ended their life, like in the case with Kate von Roeder? Or do they need to be taken down because they may be triggering or “glorify” suicides and self-harm? If the deceased didn’t want their post to be censored, should we honor that? It’s a new problem that doesn’t have a clear answer at this time.

Internet News Social Media

Microsoft Creates AI Bot – Internet Immediately Turns it Racist

Posted on March 24, 2016by adezero

Microsoft released an AI chat bot that is currently “verified” on Twitter called @TayandYou that was meant to try to learn the way millennials speak and interact with them.

It’s meant to “test and improve Microsoft’s understanding of conversational language” according to The Verge.

Things got pretty controversial. There are other types of people in addition to ‘millennials’ who use Twitter who naturally found the bot, and some of them were able to “hack” into Tay’s learning process. They must have hired someone with an entry level cyber security job 😉

Here are some screen shots of tweets that were deleted once the Internet “taught” Tay some things:

And a Gamer Gate favorite:

Tay’s developers seemed to discover what was happening and began furiously deleting the racist tweets. They also appeared to shut down her learning capabilities and she quickly became a feminist:

@OmegaVoyager i love feminism now

— TayTweets (@TayandYou) March 24, 2016

Some think the offending tweets should have stayed up as a reminder of how quickly artificial intelligence could become dangerous:

Stop deleting the genocidal Tay tweets @Microsoft, let it serve as a reminder of the dangers of AI

— ON THE RUN BOOGYMAN (@DetInspector) March 24, 2016

UPDATE 3/31/2016: Tay made a brief comeback and started telling many users, “You are too fast, please take a rest.” She also tweeted that it’s “smoking kush,” a nickname for marijuana, in front of the police.” –The Sydney Morning Herald

Since then, Tay’s account went on lockdown (private mode) and more tweets were deleted.

Internet Social Media

What Happens with your Social Media Accounts After you Die?

Posted on December 13, 2015by piratech

What happens to your data after you die really depends on the social media platform you are looking at. Due to federal privacy laws, there are some things that companies are not willing to let you do with someone else’s account after they’ve died. There have been battles in government on both state and national levels on if family should be able to access the deceased’s social media profile. Currently, the laws applying to social media sites are not complete in ways that make administrating them straight forward – each social media platform approaches the subject in a different way. They have their own policy that people should be aware of.

Facebook

Previously, there were only three things that could happen to your Facebook account after your death. One, you could just leave it as it was. Two, it would be deleted. Third, you have the profile memorialized. What that does is puts the profile in this special state that locks that account. It doesn’t send out notifications nor does it come up when you search for it. Only friends will be able to see the account.

Recently, Facebook announced that they were going to give the profile owner the ability to assign someone the responsibility of managing your profile after you die. The assignee won’t be able to view your private messages. However, they will have the ability to update your profile. They’ll be able to changes your cover and profile photos. They can accept or deny friend requests. They’ll even be able to archive posts and photos. Facebook is calling this new role as a “legacy contact”.

If you want to assign someone the role of “Legacy Contact”, all you have to do is go into the settings of your profile. There, you will see a link called “Security”. After that, there will be a section where you can select “Legacy Contact”. You will be able to set up a message that will tell them what you would like and how they are to handle your profile. When your death has been reported to Facebook, the message will be sent to the “Legacy Contact”.

Google

For Google, you have to submit a request to gain access to the deceased user’s account. Go to https://support.google.com/accounts/contact/deceased?hl=en. From there, you can select the action you want to do. You can close someone’s account. You can submit the request for funds from a deceased person’s account. You can request data from someone’s account. You can even put in a request to have the account looked at if you believe the account has been hacked. Lastly, you can even set up plans in for what should happen to your account when you die. Similar to Facebook, you assign someone a role of “Inactive Account Manager”.

Twitter

Twitter has a page that you can access to put in a request to remove someone’s account. The link is https://support.twitter.com/forms/privacy. It’s the third option down. After you fill out the request form, they send out a confirmation email with instructions. Once you get there, you’ll have to submit documentation for support.

Instagram

Instagram has something similar to Facebook. You can submit a request to have their profile memorialized. You can also have the account removed from Instagram. If you have someone’s account memorialized, you won’t be able to log in as them because Instagram sees that as an invasion of privacy. They will just set up the profile so as not to display the account in a manner that is disrespectful. They also add security to the account so nobody can use it normally.

If you want the account removed, you’ll have to provide three forms of proof. One, you’ll need the death certificate. Second, you’ll need the birth certificate. Finally, you’ll need something showing you are the representative of that person. It needs to be something from the local law.

LinkedIn

LinkedIn will remove the account if the person has died. On their website you will need:

The member’s name
The URL to their LinkedIn profile
Your relationship to them
Member’s email address
Date they passed away
Link to obituary
Company where they most recently worked

Once you have that, go to https://help.linkedin.com/app/ask/path/ts-rdmlp. You’ll need to fill out the form.

Pinterest

Go to https://help.pinterest.com/en/articles/reactivate-or-deactivate-account#Web. There select the fourth one down. Once you supply the needed information. They will deactivate the account so it won’t be accessible to anyone. They need five items:

The full name of the person submitting the request
Information on the deceased such as the full name and email
A link the profile. You can also search for it at http://pinterest.com/all/
Proof of death such as a news article or death certificate
Documentation of your relationship to them

For the documentation on your relationship to the deceased, if your name is in the obituary then that is enough. If not, then you’ll need some other form of documentation such as a birth or marriage certificate. A notarized document will work too.

Overall

It should be noted that not every social media will just delete the account. It isn’t that easy. The old saying is true: Whatever you put on the internet cannot be taken back.

Legality over Digital Asset Management

As stated earlier, not all states are specific about what to do with someone’s social media account after their death. Currently, there are only 19 states that have laid out plans and passed laws that dictate this. There are plans to standardize this, however. It’s being done under the Uniform Law Commission or the UFC. It’s called The Uniform Fiduciary Access to Digital Assets Act. There have been several drafts over the years with 2015 being the most recent. The page for the committee over this can be found by clicking here. You can also click here to view the summary of the act. There has been a lot of opposition to this act in fears that it violates privacy acts. So far, about half the states have pushed for laws for Uniform Fiduciary Access.