undefined | Better HN

0 pointsdanso5y ago0 comments

> At least some of the compromised accounts have multi-factor authentication enabled, including CoinDesk's.

Interesting. I wonder if it was a SMS hack, and if not, then a new kind of vulnerability?

0 comments

Is there a way to pin a tweet via SMS? I don't think so... and these tweets are getting pinned.

I believe OP meant that the attackers got access to the account by hacking SMS, thus getting the verification code and legitimately logging in the accounts.

duskwuff5y ago

Twitter dropped support for SMS posting earlier this year:

https://www.theverge.com/2020/4/27/21238131/twitter-sms-noti...

dansoOP5y ago

I meant in the sense of SIM-swap hacks, though SMS-posting would also make sense as a vector (had Twitter not recently ended it)

https://info.phishlabs.com/blog/sim-swap-attacks-two-factor-...

j / k navigate · click thread line to collapse