A twitter user was recently extorted into giving up his twitter user name. The user claims it was worth $50,000, having been offered $50,000 for the username in the past. The twitter user name was @N. Apparently, people tried to steal the user name on several occasions.
The twitter name was stolen via extortion from the rightful owner thanks to information released by GoDaddy and PayPal. The twitter user claims that he received a text from PayPal that someone tried to change his password and then an email from GoDaddy the same day.
He had ignored the PayPal text, but the GoDaddy message was a confirmation of an account change. He tried but was unable to log into his GoDaddy account to change the information back because the last six digits of the credit card on file had already been changed. So he couldn’t prove he was the real owner of the account.
Then the hacker contacted @N and told him it was the Twitter account that he wanted and that the hacker would leave the website data on the GoDaddy servers alone if @N would allow the hacker to take over the twitter account. The hacker went so far as to offer to help the target secure his accounts after the fact.
The hacker says that he was able to get the last four digits of the credit card used for the GoDaddy account by using “very simple engineering tactics” on PayPal to get the last four digits of the card. So he called GoDaddy and told them he lost the card, but remembered the last four digits. He says that GoDaddy allowed him to guess until he got the first two digits of the card correct. The question is will @N ever get his twitter name back?
Who knew that short Twitter user names were so sought after? And it sounds like GoDaddy made it super easy for the hacker to steal.
Image Credit Ariel Zameblich/Wired