How I Lost My $50,000 Twitter Username posted January 2014

So this guy owned @N on twitter and got extorted his account by a phishing attack. The story is well written and you should read it here : https://medium.com/p/24eb09e026dd

but for a tl;dr the attacker called his paypal account to ask them for his credit card's last 4 digits. Then he called godaddy to ask them to reset the password. They only asked him for the 2 first digits and the last 4s. The attacker just had to guess the 2 first digits (and he did it on the first try, he could have kept calling and trying otherwise).

Now that he had @N's domain's name, he could now see his emails. Took over @N's facebook account and started mailing him "threats".

It's pretty crazy how easy phishing is.

Well done! You've reached the end of my post. Now you can leave a comment or read something else.

Here are some random popular articles:

- KangarooTwelve
- Problems that UDP and only UDP has
- Zero'ing memory, compiler optimizations and memset_s
- Bits and Bytes ordering in 5 minutes
- A New Public-Key Cryptosystem via Mersenne Numbers
- Developers Are Not Idiots
- How did length extension attacks made it into SHA-2?

Here are some random recent articles:

- zkVMs are cool, but have you heard of zkCPUs?
- A note on the elliptic curve pairing checks in zero-knowledge proofs
- Don't go in debt, and other mistakes not to make when receiving stocks or crypto tokens as payment
- They're all SNARKs
- A journey into zero-knowledge proofs
- First zksecurity public report is out!
- Two And A Half Coins episode 5: Bitcoin transactions, the Bitcoin script and UTXOs

How I Lost My $50,000 Twitter Username posted January 2014

Comments

leave a comment...

How I Lost My $50,000 Twitter Username posted January 2014

Comments

leave a comment...

Subscribe to the mailing list