Jack Dorsey's ongoing mission to promote citizenship of public discourse failed on Friday, when an anonymous hacker took to his Twitter account for 20 minutes and retweeted @taytaylov3r's claim that "Nazi Germany did nothing wrong."  Twitter, as you probably know, if you spent time there, there is a continuing, well-documented problem with the Nazis, white supremacists and other extremists. It seems taytaylov3r's account has since been suspended.
The CEO account retrieval for the company seems to have started around 3:45 pm Eastern Time, when about two dozen tweets and retweets were dropped. Several of the tweets were tagged #ChucklingSquad, the name of an apparent group of hackers who were in the account distribution this week. Before Dorsey, they hit a number of influencers, including Zane Hijazi on the popular Zane and Heath podcast and Anthony Brown, who goes through BigJigglyPanda . The Chuckling Squad also appears to have compromised and published mockingbirds on the YouTuber Etika account, which was found dead in June.
This makes the @jack hack potentially only the latest and highest profile in a series of acquisitions. Twitter confirmed the incident on Twitter – in case anyone thinks Dorsi was intentionally threatening a bomb from his account – and said the company was "investigating the incident." 19659006] Brian Barrett via Twitter
Some of the influencers who have been affected over the last two weeks have blamed so-called SIM swap attacks with a particular focus on AT&T. When exchanging a SIM, a hacker either persuades or bribes an employee of an operator to switch the numbers associated with the SIM card to another device, at which point they can intercept all two-factor authentication codes sent by text message. (It is difficult to stop a specific SIM swap, but at least you have to switch from a two-factor SMS to an authentication application). AT&T did not immediately respond to a request from WIRED about the number of hacks this month or whether the @jack incident was linked.
One potential clue was in the tweets themselves, which indicated that they were sent by a Cloudhopper client. Cloudhopper is a messaging infrastructure company that Twitter acquired in 2010 to better integrate its service with SMS. This has led to some speculation that Dorsey was somehow still logged into Cloudhopper for all those years and hackers were catching on to this account. But this is not quite right.