<Rant> Twitter hacked for the 3rd time <Rant>

[Botsareus]

OMG. This is the third time twitter gives me BS about some service or website not associated with twitter compromised my account and than I am following random people I never wanted to follow. Not that I care, being socially connected even to random people is better than nothing. But very annoying.

[Botsareus]

The good news: I got an ip hit on the mofo. Looks like the individual is from Netherlands. Lets see what my options are. 

[Botsareus]

Looks like a proxy. Attempting to trace further now.

[Botsareus]

hmm... I got another hit from where Numsgil is (see picky)

Numsgil, does any of this look familiar to you?

[spike43884]

hmm... I got another hit from where Numsgil is (see picky)

Numsgil, does any of this look familiar to you?

If thats Numsgil's location (which I have no clue if it is), but if it is then the its either a very, very rare coincidence OR:
Someone sent a computer virus through IM, or through something both of you (and possibly more people, E.G. the dude from the netherlands) which may or may not have lay dormant for a long time, and has been activated as a proxy. This allows the person then to ping back and forth through most of us, taking a long time to be actually trace them down, and its likely they're doing it from some device which they can move (e.g. a laptop) which they've setup to use a dynamic IP.


Are any of our members that were around when IM was up and running from the netherlands? (that we know of atleast)?

[Peter]

...Netherlands here. No, I didn't do anything. And Numsgil neither most likely.

What's the service/website doing it? What does this say?
Where/how did you retrieve the IP?

Enable 2 factor authentication if you think someone else is logging into the account.

[Botsareus]

I am sure it was not you Peter. My end point was indeed a laptop in the woods.
If it keeps up I will probably enable more authorization.
I also posted the Numsgil bit just to be safe for Numsgils sake because that was early on my trace.
Twitter is pretty good at listing ips that have access to my account.

[Peter]

Uh, if you're sure someone messed with it. I would take precautions at once. I never had weird stuff like this happening to me, and that's weird as I've messed around plenty, in windows xp using all kinds of warez and no virus or other kind of protection. Did you do anything strange?

Do you have a password which can be guessed?

[Botsareus]

Yea, I had a reasonably easy to guess password. I changed it because twitter prompted me to do so.

[spike43884]

Yea, I had a reasonably easy to guess password. I changed it because twitter prompted me to do so.

Have a password with numbers 'mixed into' the word. Whole words are easier to guess by a computer or person than ones with numbers in (E.G. Hello is easier to guess they H3ll0).
Also, 2-factor authentication is good, or just regular password changing (2-factor authentication is better, as it requires both devices to be compromised).

[Peter]

From: https://xkcd.com/936/

I'm using random generated passwords by keepass. More due to laziness, than for having stronger passwords. I don't want to remember multiple passwords!

[spike43884]

From: https://xkcd.com/936/

I'm using random generated passwords by keepass. More due to laziness, than for having stronger passwords. I don't want to remember multiple passwords!

Your both correct, and incorrect. For that model of hacking, yes it works.
However, if they're hacking like that, with simple incrementation of lettering, then you can rely on account lockouts really. No, they don't work like that.

They work off both looking for words & doing incrementation. Plus, with the sites that have a 3-guess-limit, it'll probably be a human attempting it, purely as they have a better chance of getting in than a computer within 3 guesses.

So, the solution is to organize your passwords. By having random number/symbol replacements you automatically make it harder for a human or logical guess algorithm to guess, and making it say, a short sentence, makes it slightly more challenging for a simple incrementation.

You make sure then that you follow a rule on all your passwords as to how you replace letters, so it might be that you just replace every o with a 0. I knew someone who did that in the chat of games, without flaw, and it took them a while to move out of that habit after they changed usernames (as the replacement linked to their username, which also replaced o's with 0's).
Then you only have to remember a rule, and a memorable (not random, as random words don't matter to computers on simple incrementation) word/phrase. E.g. the country of your favourite holiday destination + your favourite restaurant there.

Just in case you don't get simple incrementation & logical guessing:
Incrementation:
Guess 1: aaaaaaaaaa
Guess 2: aaaaaaaaab
Guess 3: aaaaaaaaac
Guess 4: aaaaaaaaad
and so on.
Logical guessing, uses information already obtained to make an educated guess (Yes, a computer can kind of do this...)
Firstly, it may use say, your twitter posts, and use words (possibly filtered by wordlength and type to eliminate words like "and") to guess,
Alternatively it may work off known popular passwords or phrases, and slowly work its way down the list of popular words/phrases.


Normally a combination of the methods is used, and I'm sure there is other ways of cracking passwords.

[Numsgil]

hmm... I got another hit from where Numsgil is (see picky)

Numsgil, does any of this look familiar to you?

I'm not poor enough to live in hunter's point

[Botsareus]

hmm... I got another hit from where Numsgil is (see picky)

Numsgil, does any of this look familiar to you?

I'm not poor enough to live in hunter's point

Alright cool.

[Botsareus]

Everyone! Please call 1(669)238-4335 The more the better. Someone did a crappy job on there robocall system. You can actually get trough to the guys doing the robocalls, kinda like a dos attack.

edit: I am not 100% on this but probably Spike paid Peter off to get my passwords trough IM, Peter had nothing, so Spike did not pay him. So Peter ended up hacking twitter to get my phone number.