A few days ago, we learned about the story of Naoki Hiroshima who was forced to hand over the @N Twitter handle to a hacker who had hijacked his GoDaddy account. It appears that this isn’t an isolated case. The owner of the @JB Twitter username has a similar story.
Because of Justin Bieber and the Jonas Brothers, it’s not surprising that many people and companies would really like to have @JB, currently owned by Josh Bryant, the co-founder and CEO of Droplr, an easy and secure file sharing service.
Unlike Hiroshima, Bryant didn’t get many Twitter password reset emails because of the social media network’s system that requires users to provide some specific information about the account’s owner before using the “forgot password” feature.
However, one day, Bryant received a password reset notification from Amazon. He ignored it, but after a while, he received another email informing him that the password was successfully changed. Three other emails showed that the attacker had also been targeting his Apple account.
To prevent his account from being hijacked permanently, Bryant immediately re-reset the Amazon password and changed it through the website. Then, he called up Amazon to tell them that someone was attempting to hijack his account, and instructed the company to ignore future password reset requests over the phone.
That’s because the attacker had social engineered an Amazon employee into giving him access to the account via phone.
Next, Bryant called Apple. He learned that someone made 4 support calls in an effort to gain access to his iCloud account. He told Apple representatives the same thing he had told Amazon, not to allow any request over the phone.
Later, he received an email from iCloud support with instructions on how to reset his password. Interestingly, the email was also sent to the hacker, so Bryant learned his address.
After contacting him via email, the attacker admitted that he was after the @JB Twitter username. The hacker explained to him how he had obtained the information needed to trick Amazon support into giving him access to the account.
Fortunately, he failed to check the Amazon Web Services (AWS), which hosts all the technology and files for Droplr.