Social Engineering Blogs

An Aggregator for Blogs About Social Engineering and Related Fields

2600 Magazine Offers $10K for Access to Donald Trump’s Tax Return

The Twitter account that represents 2600 Magazine – The Hacker Quarterly says they will offer $10K for first access to Donald Trump’s tax return. They also say that identities will be protected and provide a PGP key.

We are offering $10K for 1st access to @realDonaldTrump’s tax return. Identity protected, PGP key at https://t.co/oU079zJ4YV [email protected]

— 2600 Magazine (@2600) September 28, 2016

Twitter users responded with several funny comments:

Assange rn@2600 @realDonaldTrump @wikileaks pic.twitter.com/IyNz2cFbvV

— Eating Machine (@emmajaniejones) September 28, 2016

@2600 Please tell me that when you release it, you’ll tell the press that it was obtained by “the hacker known as 4chin”

— John Shade (@John5hade) September 28, 2016

@2600 @realDonaldTrump. How about $10K for Hillary’s deleted e-mails?

— Jim (@TypeError_) September 28, 2016

“Hi IRS this is the real actual Donald Trump. I just wanted to make sure that my refund’s gonna be YOOOGE”

— r000t (@rootworx) September 28, 2016

There have been many recent attacks on the Democratic National Committee including the Guccifer 2.0/Wikileaks release of DNC emails and more recently a possible hack of some of the party member’s phones. Some say that hackers have been focusing too much on exposing the DNC and not enough on the RNC. Perhaps this is the opportunity they have been waiting for.

2600 has also extended the offer to Trump himself:

Incidentally, we will also pay @realDonaldTrump $10K if he gives us his tax return first. Or anyone in his campaign or family. Fair is fair.

— 2600 Magazine (@2600) September 28, 2016

The post 2600 Magazine Offers $10K for Access to Donald Trump’s Tax Return appeared first on Social Hax.

Hackers Find Exploit and Reactivate LizardSquad’s Twitter Account

On September 2, hackers calling themselves “Spain Squad” used an exploit to take control of several previously suspended Twitter accounts. Among these accounts were usernames like @Hitler, @botnet, @LizardSquad and @1337. Twitter re-suspended all of the breached accounts shortly after the hack, but it is unclear whether or not they are still vulnerable to this exploit.

One of the hackers aligned with Spain Squad tweets about reactivated accounts.

One of the hackers aligned with Spain Squad tweets about reactivated accounts.

“It could be a vulnerability in Twitter’s software, a compromised staff account, or some other explanation. It’s also unclear whether the exploit is still active, or was patched concurrently with the banning of the hijacked accounts.” (Business Insider)

A spokesperson for the hacking group has stated they can do even more than recover old accounts with the exploit they found:

“The new exploit allows Spain Squad to change to suspend active accounts, change a user’s Twitter handle and even take control of active accounts. So far, the group has only demonstrated the ability to recover officially suspended accounts — though all of those have already been re-suspended by the social media company.” (Engadget)

Twitter actively suspends accounts that violate their Terms of Service (TOS). Sometimes these suspensions can be temporary and the user is able to restore their account after acknowledging broken rules and promising not to violate TOS again. Often, the user must delete offending tweets before the account will be restored. Alternatively, a Twitter account can become permanently suspended, which means the account is never to be restored under any circumstances. Restoring access to accounts that were thought to be never again accessible could prove to be profitable for hackers selling screen names that may be valuable. However Spain Squad claims to be non-malicious. Whatever their intent, they were definitely doing some of it for the lulz when they took control of the LizardSquad account:

socialhax hackers poodlecorp lizardsquad skids hack exploit twitter suspended accounts

The post Hackers Find Exploit and Reactivate LizardSquad’s Twitter Account appeared first on Social Hax.

Are The Shadow Brokers Like Snowden? Theory Suggests Insider Hack

By now, most of our readers have heard of the Shadow Brokers, the hacker group who obtained a large trove of data from the National Security Agency (NSA) and leaked information about the NSA’s cyber tools. The cyber tools were apparently stolen from the Equation Group, a cyber attack operation who experts believe are part of the NSA.

(Watch a quick overview about the NSA hack – “NSA Reportedly Hacked By Group Called The Shadow Brokers”):

Initially, evidence suggested that the Shadow Brokers were Russian, but a new theory is emerging that whoever is leaking this data might be “a second Edward Snowden… albeit one with different motives” (Fortune). James Bamfield, a journalist who is well known for his publications about United States intelligence agencies, believes that Russia would not want to publish these hacks if they obtained them, because companies would quickly patch their vulnerabilities and the information would soon be worthless to anyone trying to sell the data. He also brings up that the bad English used by the hackers seems to be phony. Furthermore, he suggests that the hacker(s) could be linked to the NSA’s Tailored Access Operations (TAO) which is a unit of the surveillance agency that gathers intelligence related to cyber-warfare. He states:

“Rather than the NSA hacking tools being snatched as a result of a sophisticated cyber operation by Russia or some other nation, it seems more likely that an employee stole them. Experts who have analyzed the files suspect that they date to October 2013, five months after Edward Snowden left his contractor position with the NSA and fled to Hong Kong carrying flash drives containing hundreds of thousands of pages of NSA documents.

So, if Snowden could not have stolen the hacking tools, there are indications that after he departed in May 2013, someone else did, possibly someone assigned to the agency’s highly sensitive Tailored Access Operations” (Reuters).

As of now, the “second Snowden” theory is just that – a theory. Most experts still say Russia is behind the hacks. Nevertheless, as Bamford puts it in his commentary – the “NSA may prove to be one of Washington’s greatest liabilities rather than assets.”

The post Are The Shadow Brokers Like Snowden? Theory Suggests Insider Hack appeared first on Social Hax.