Connect with us

Industry

Influencers Blame AT&T for Social Media Account Hacks

Published

on

  • James Charles, Shane Dawson, Etika, King Bach, and Amanda Cerny were all targets of social media hacks on either their Instagram or Twitter accounts.
  • The hacker posted several racist and homophobic comments from their pages, threatened to expose nude photos, and made claims regarding past controversies.
  • Several of the stars blamed AT&T for the hacks, saying they are a result of the hacker switching SIM-card data.

Influencers Blame AT&T for the Hack

Several social media stars are blaming AT&T for a series of account breaches that seemingly involved the same hacker.

James Charles, Shane Dawson, Etika, Amanda Cerny, and King Bach were all victims of hacks on Twitter and Instagram over a three-day-long period.

“My ATT phone number was compromised earlier today and all of my social media accounts were therefore hacked too!” Beauty YouTuber James Charles wrote on Twitter Saturday. “Your fraud department just HUNG UP ON ME. Contact me immediately. This is a major security threat & my lawyer will be reaching out too.”

Influencer Amanda Cerny also criticized the phone provider, saying this isn’t the first time she’s fallen victim to an attack while paying for AT&T’s service.

“Second time My phone number was hacked because of human error within company at @ATT?!” she said “I have all possible steps of verification added after the first time again and my account was still compromised… time to switch carriers. Be careful out there everyone.”

“All the text messages went to his phone,” Internet comedian King Bach said in a video. “He could see everything I was typing in my phone, so when I changed my password, he saw what the fuck I changed it to. The store is closed. The customer service is trash. I was on the phone for hours just trying to figure this shit out and I couldn’t get no help, so bottom-line: you’re trash. T-mobile, holla at me. Sprint, holla at me. Verizon, holla at me.”

The three social media stars claim the hacker likely SIM-swapped their accounts, meaning the hacker would have had to call AT&T pretending to be one of the influencers.

Once they managed to convince AT&T they were the account owners, they could have requested that the carrier switch the phone number to a different SIM card that they owned. To do this, the hacker would have likely needed the influencers’ phone numbers beforehand. 

AT&T has yet to comment on the situation, though the telecommunications giant currently faces a legal battle over a separate SIM-swapping incident.

History of the Hacks

Cerny and King Bach were the first to experience the hacks on Thursday. Both influencers’ Instagram accounts fell victim to the attack, and King Bach’s Twitter was also compromised. 

Both accounts linked back to a Discord page apparently started by the hacker. The hacker also leaked several direct messages between King Bach and Justin Bieber.

Both King Bach and Cerny managed to reclaim their accounts soon after.

Another hack occurred Friday on YouTuber Shane Dawson’s Twitter account. This time, the hacker posted a series of offense messages, which included racist and homophobic language.

In one post, the hacker hearkened back to World War II, claiming Nazi Germany deserved to win World War II a tweet that also included the n-word.

Source: @shanedawson

The hacker also used homophobic slurs against James Charles and made unsubstantiated claims of having “intel on Jake Paul raping underage girls.”

Source: @shanedawson

The hacker also alluded to a controversy involving past comments Dawson made about having sexual relations with his cat on a podcast – comments which Dawson has repeatedly apologized for.

The hacker claimed to be a rich bitcoin hacker. They also claimed they were handing out Dawson’s password, linking back to the Discord page posted on Cerny and King Bach’s accounts.

Shortly after the hack began, Dawson or his team regained control of his account and deleted the offensive messages. 

On Saturday, the hacker then gained control of Etika’s Twitter, an influencer who died by suicide in June.

While taking over Etika’s Twitter, the hacker alluded to the YouTuber’s death by making such comments as “I’m back alive! Currently chuckling with the boys” and “I’m currently drowning.”

On the same day, James Charles’ Twitter was also hacked. During the breach, the hacker continued to post offensive and racist comments and also threatened to expose Charles’ nude photos.

The beauty influencer later regained control of his account, with the hacker’s Twitter account has since being suspended.

James Charles Posts Nude Photo

The beauty guru then combatted the revenge-porn threats by posting his own nude photo.

“hi I got my account back,” he wrote. “Just case I ever get hacked again, here’s the ONLY nude I’ve ever taken! can’t threaten me with it now get a life.”

Following the move, many people criticized him for posting the photo. One person commented, “literally no one asked for this.”

“yeah well i didn’t ask to have my security and privacy threatened either,” the YouTuber replied, “so this is me taking back ownership of the situation, move on with your day.” 

As the tweet slid into the realm of online memes, others seemingly made fun of the situation by posting their own nude photos using the same caption, including Ethan Klein of h3h3 Productions and podcaster Adam Grandmaison.

Many others still criticized the original post, calling it unnecessary.

Many others attempted to cover up his backside with other images.

At the same time, several others came to James Charles’ defense, drawing parallels to recent hacks involving Bella Thorne and Whitney Cummings, both of whom were applauded for leaking their own nude photos after being hacked.

See what others are saying: (People) (Daily Dot) (Dexerto)

Industry

Hackers Hit Twitch Again, This Time Replacing Backgrounds With Image of Jeff Bezos

Published

on

The hack appears to be a form of trolling, though it’s possible that the infiltrators were able to uncover a security flaw while reviewing Twitch’s newly-leaked source code.


Bezos Prank

Hackers targeted Twitch for a second time this week, but rather than leaking sensitive information, the infiltrators chose to deface the platform on Friday by swapping multiple background images with a photo of former Amazon CEO Jeff Bezos. 

According to those who saw the replaced images firsthand, the hack appears to have mostly — and possibly only — affected game directory headers. Though the incident appears to be nothing more than a surface-level prank, as Amazon owns Twitch, it could potentially signal greater security flaws. 

For example, it’s possible the hackers could have used leaked internal security data from earlier this week to discover a network vulnerability and sneak into the platform. 

The latest jab at the platforms came after Twitch assured its users it has seen “no indication” that their login credentials were stolen during the first hack. Still, concerns have remained regarding the potential for others to now spot cracks in Twitch’s security systems.

It’s also possible the Bezos hack resulted from what’s known as “cache poisoning,” which, in this case, would refer to a more limited form of hacking that allowed the infiltrators to manipulate similar images all at once. If true, the hackers likely would not have been able to access Twitch’s back end. 

The photo changes only lasted several hours before being returned to their previous conditions. 

First Twitch Hack 

Despite suspicions and concerns, it’s unclear whether the Bezos hack is related to the major leak of Twitch’s internal data that was posted to 4chan on Wednesday.

That leak exposed Twitch’s full source code — including its security tools — as well as data on how much Twitch has individually paid every single streamer on the platform since August 2019. 

It also revealed Amazon’s at least partially developed plans for a cloud-based gaming library, codenamed Vapor, which would directly compete with the massively popular library known as Steam.

Even though Twitch has said its login credentials appear to be secure, it announced Thursday that it has reset all stream keys “out of an abundance of caution.” Users are still being urged to change their passwords and update or implement two-factor authentication if they haven’t already. 

See what others are saying: (The Verge) (Forbes) (CNET)

Continue Reading

Industry

Twitch Blames Server Configuration Error for Hack, Says There’s No Indication That Login Info Leaked

Published

on

The platform also said full credit card numbers were not reaped by hackers, as that data is stored externally. 


Login and Credit Card Info Secure

Twitch released a security update late Wednesday claiming it had seen “no indication” that users’ login credentials were stolen by hackers who leaked the entire platform’s source code earlier in the day.

“Full credit card numbers are not stored by Twitch, so full credit card numbers were not exposed,” the company added in its announcement.

The leaked data, uploaded to 4chan, includes code related to the platform’s security tools, as well as exact totals of how much it has individually paid every single streamer on the platform since August 2019. 

Early Thursday, Twitch also announced that it has now reset all stream keys “out of an abundance of caution.” Streamers looking for their new keys can visit a dashboard set up by the platform, though users may need to manually update their software with the new key before being able to stream again depending on what kind of software they use.

As far as what led to the hackers being able to steal the data, Twitch blamed an error in a “server configuration change that was subsequently accessed by a malicious third party,” confirming that the leak was not the work of a current employee who used internal tools. 

Will Users Go to Other Streaming Platforms?

While no major creators have said they are leaving Twitch for a different streaming platform because of the hack, many small users have either announced their intention to leave Twitch or have said they are considering such a move. 

It’s unclear if the leak, coupled with other ongoing Twitch controversies, will ultimately lead to a significant user exodus, but there’s little doubt that other platforms are ready and willing to leverage this hack in the hopes of attracting new users. 

At least one big-name streamer has already done as much, even if largely only presenting the idea as a playful jab rather than with serious intention. 

“Pretty crazy day today,” YouTube’s Valkyrae said on a stream Wednesday while referencing a tweet she wrote earlier the day.

“YouTube is looking to sign more streamers,” that tweet reads. 

I mean, they are! … No shade to Twitch… Ah! Well…” Valkyrae said on stream before interrupting herself to note that she was not being paid by YouTube to make her comments. 

See what others are saying: (Engadget) (BBC) (Gamerant)

Continue Reading

Industry

The Entirety of Twitch Has Been Leaked Online, Including How Much Top Creators Earn

Published

on

The data dump, which could be useful for some of Twitch’s biggest competitors, could signify one of the most encompassing platform leaks ever.


Massive Collection of Data Leaked 

Twitch’s full source code was uploaded to 4chan Wednesday morning after it was obtained by hackers.

Among the 125 GB of stolen data is information revealing that Amazon, which owns Twitch, has at least partially developed plans for a cloud-based gaming library. That library, codenamed Vapor, would directly compete with the massively popular library known as Steam.

With Amazon being the all-encompassing giant that it is, it’s not too surprising that it would try to develop a Steam rival, but it’s eyecatching news nonetheless considering how much the release of Vapor could shake up the market.

The leaked data also showcased exactly how much Twitch has paid its creators, including the platform’s top accounts, such as the group CriticalRole, as well as steamers xQcOW, Tfue, Ludwig, Moistcr1tikal, Shroud, HasanAbi, Sykkuno, Pokimane, Ninja, and Amouranth.

These figures only represent payouts directly from Twitch. Each creator mentioned has made additional money through donations, sponsorships, and other off-platform ventures. Sill, the information could be massively useful for competitors like YouTube Gaming, which is shelling out big bucks to ink deals with creators. 

Data related to Twitch’s internal security tools, as well as code related to software development kits and its use of Amazon Web Services, was also released with the hack. In fact, so much data was made public that it could constitute one of the most encompassing platform dumps ever.

Creators Respond

Streamer CDawgVA, who has just under 500,000 subscribers on Twitch, tweeted about the severity of the data breach on Wednesday.

“I feel like calling what Twitch just experienced as “leak” is similar to me shitting myself in public and trying to call it a minor inconvenience,” he wrote. “It really doesn’t do the situation justice.”

Despite that, many of the platform’s top streamers have been quite casual about the situation.

“Hey, @twitch EXPLAIN?”xQc tweeted. Amouranth replied with a laughing emoji and the text, “This is our version of the Pandora papers.” 

Meanwhile, Pokimane tweeted, “at least people can’t over-exaggerate me ‘making millions a month off my viewers’ anymore.”

Others, such as Moistcr1tikal and HasanAbi argued that their Twitch earning are already public information given that they can be easily determined with simple calculations. 

Could More Data Come Out?

This may not be the end of the leak, which was labeled as “part one.” If true, there’s no reason to think that the leakers wouldn’t publish a part two. 

For example, they don’t seem to be too fond of Twitch and said they hope this data dump “foster[s] more disruption and competition in the online video streaming space.”

They added that the platform is a “disgusting toxic cesspool” and included the hashtag #DoBetterTwitch, which has been used in recent weeks to drive boycotts against the platform as smaller creators protest the ease at which trolls can use bots to spam their chats with racist, sexist, and homophobic messages.

Still, this leak does appear to lack one notable set of data: password and address information of Twitch users.

That doesn’t necessarily mean the leakers don’t have it. It could just mean they are only currently interested in sharing Twitch’s big secrets. 

Regardless, Twitch users and creators are being strongly urged to change their passwords as soon as possible and enable two-factor authentication.

See what others are saying: (The Verge) (Video Games Chronicle) (Kotaku)

Continue Reading