Hackers cloned activist Twitter accounts and spread fake news
Hackers are using a new method to eliminate activists’ Twitter accounts, which involves taking over an account, cloning it and changing the original completely, according to the Independent.
The hackers are familiar with how Twitter’s account recovery and recycling processes work, so they are able to lock the victims out of their accounts and keep them out.
The attack was called “Doubleswitch” and was reported by digital rights group Access Now. The hackers have targeted the accounts of journalists, activists and human rights defenders in Venezuela, Bahrain and Myanmar, some of which were verified and had lots of followers.
After hacking the accounts, Access Now says the attackers “updated the account information by changing the password and the associated email address, locking out the legitimate user.” Immediately after this, they changed the accounts’ usernames and took advantage of an option that enables Twitter to recycle unwanted usernames.
“After changing the credentials of the accounts, the hijackers registered Twitter accounts using the original usernames, which were now freely available, and connected the accounts to a new email address,” says the group. “When these victims attempted to recover their accounts, Twitter’s confirmation emails went to the hijackers, who pretended that the issue had been resolved. The hijackers then proceeded to delete one of the original accounts, making it even harder for the victim to recover it.”
The accounts were eventually recovered with help from Twitter. However, hackers had already managed to spread fake news, delete past tweets, confuse followers and damage reputations.
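The sequence Access Now describes (password and email changed, username changed, then a new account registered under the freed username) can be checked for on the platform side. The following is an added example, not code from the article, Access Now or Twitter; the audit-event schema, account IDs, handles and the one-hour window are all assumptions.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(hours=1)                       # assumed correlation window
CREDENTIAL_CHANGES = ("password_change", "email_change")

# Constructed audit events: (timestamp, account id, event type, details).
# The schema is hypothetical, not a real Twitter log format.
EVENTS = [
    ("2024-01-01T10:00:00", "acct-1", "password_change", {}),
    ("2024-01-01T10:02:00", "acct-1", "email_change", {}),
    ("2024-01-01T10:05:00", "acct-1", "handle_change",
     {"old": "activist_vz", "new": "tmp_8841"}),
    ("2024-01-01T10:09:00", "acct-9", "signup", {"handle": "activist_vz"}),
    # Benign rename: no credential changes first, so the later signup is ignored.
    ("2024-01-02T08:00:00", "acct-2", "handle_change",
     {"old": "newsdesk", "new": "newsdesk_hq"}),
    ("2024-01-02T08:10:00", "acct-7", "signup", {"handle": "newsdesk"}),
]

def find_doubleswitch(events, window=WINDOW):
    """Flag signups that claim a handle released right after a lockout."""
    recent = {}    # account -> {credential event type: time last seen}
    released = {}  # freed handle -> (original account, release time)
    alerts = []
    for ts, acct, kind, data in sorted(events, key=lambda e: e[0]):
        t = datetime.fromisoformat(ts)
        if kind in CREDENTIAL_CHANGES:
            recent.setdefault(acct, {})[kind] = t
        elif kind == "handle_change":
            seen = recent.get(acct, {})
            # Password and email were both changed shortly before the rename.
            if all(k in seen and t - seen[k] <= window for k in CREDENTIAL_CHANGES):
                released[data["old"].lower()] = (acct, t)
        elif kind == "signup":
            hit = released.get(data["handle"].lower())
            # A different account registers the freed handle soon afterwards.
            if hit and hit[0] != acct and t - hit[1] <= window:
                alerts.append({"handle": data["handle"].lower(),
                               "original": hit[0], "clone": acct})
    return alerts

if __name__ == "__main__":
    for alert in find_doubleswitch(EVENTS):
        print(alert)
```

An alert pairs the original account with the clone, which is the information a support team needs to avoid sending recovery emails to the address attached to the cloned account.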