Posted on July 27, 2022 at 7:09 PM

Threat actors are no longer limiting their targets to individuals and small organizations. Twitter recently suffered a data breach after a hacker built a database of phone numbers and email addresses by exploiting a vulnerability in the platform. According to the report, over 5.4 million accounts were affected, and the data is now being offered on the dark net for $30,000.

A hacker using the pseudonym “devil” stated on a darknet forum that the stolen database contains information on a range of accounts, including companies, celebrities, and random users. Buyers will presumably be hoping to use the contact details of these companies and celebrities for identity theft, account takeover, or other attacks.

“Hello, today I present you data collected on multiple users who use Twitter via a vulnerability,” the hacker selling the database stated.

Buyers Are Showing Interest In The Database

BleepingComputer initiated a conversation with the hacker and was told that the data was collected in December 2021 by exploiting the flaw. The hacker also said that several buyers had already expressed interest in the database.

Reports indicate that the flaw the hacker exploited is the same one disclosed to Twitter via HackerOne on January 1 and fixed on January 13.

The flaw allowed anyone, without authentication, to obtain the Twitter ID of an account, which is nearly equivalent to obtaining its username. It did so when the attacker submitted an email address or phone number, even if the account owner had disabled discoverability by email or phone in their privacy settings. In other words, an unauthenticated caller could bypass the owner's privacy setting and link a phone number or email address to a specific account.

The flaw lay in the authorization process used in Twitter's Android client, specifically the check that looks for a duplicate account on the platform. In the conversation with BleepingComputer, “devil” stated that they have never used HackerOne and are affiliated with Zhirinovsky.

The hacker also stated that the vulnerability allowed an unauthorized person to feed in phone numbers and email addresses, learn whether each was associated with a Twitter account, and retrieve that account's ID. Once the ID was in hand, the hacker built a profile for each user by scraping the rest of the account's public data.
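The mechanism described above, as an added example that is not Twitter's code or the reporter's: a small model of a duplicate-account check that leaks the account ID for any submitted email or phone number regardless of the owner's discoverability setting, beside a hardened variant that answers uniformly, a separate authenticated lookup that honors the setting, and a per-caller lookup budget. The account directory, function names and the `discoverable` flag are constructed for this illustration.

```python
"""Illustrative model of an account-discoverability leak (added example).

The article describes a duplicate-account check that accepted an email address
or phone number from an unauthenticated caller and revealed the account ID even
when the owner had disabled discoverability. Everything below (account data,
endpoint names, the `discoverable` flag) is assumed for the example.
"""
from dataclasses import dataclass
from typing import Callable, Optional


@dataclass
class Account:
    account_id: int
    handle: str
    email: str
    phone: str
    discoverable: bool  # owner's "let people find me by email/phone" setting


# Constructed sample directory; these are not real accounts.
ACCOUNTS = [
    Account(1001, "alice", "alice@example.com", "+15550000001", discoverable=False),
    Account(1002, "bob", "bob@example.com", "+15550000002", discoverable=True),
]


def _lookup(identifier: str) -> Optional[Account]:
    for acct in ACCOUNTS:
        if identifier in (acct.email, acct.phone):
            return acct
    return None


def vulnerable_duplicate_check(identifier: str) -> dict:
    """Models the flaw: unauthenticated, ignores the owner's setting, returns the ID."""
    acct = _lookup(identifier)
    if acct is None:
        return {"exists": False}
    return {"exists": True, "account_id": acct.account_id}


def hardened_duplicate_check(identifier: str) -> dict:
    """Hardened variant (assumed design): the response is byte-for-byte identical
    whether or not the identifier is registered, and carries nothing account-specific.
    Existence is only ever confirmed out of band, e.g. by a message to that address."""
    _lookup(identifier)  # would trigger the out-of-band message; result is not exposed
    return {"status": "verification_sent_if_registered"}


def contact_lookup(identifier: str, caller_authenticated: bool) -> Optional[int]:
    """Where finding people by email/phone is a feature, it is gated on the caller
    being authenticated and on the owner's discoverability setting."""
    if not caller_authenticated:
        return None
    acct = _lookup(identifier)
    if acct is None or not acct.discoverable:
        return None
    return acct.account_id


class LookupRateLimiter:
    """Per-caller budget on identifier lookups. Scraping millions of accounts needs
    millions of calls; a budget turns that into a visible, blockable burst."""

    def __init__(self, limit: int) -> None:
        self.limit = limit
        self.seen: dict[str, int] = {}

    def allow(self, caller: str) -> bool:
        self.seen[caller] = self.seen.get(caller, 0) + 1
        return self.seen[caller] <= self.limit


def enumerate_ids(check: Callable[[str], dict], candidates: list[str]) -> dict[str, int]:
    """What the scraper does: feed candidate emails/phones and keep any IDs returned."""
    found: dict[str, int] = {}
    for candidate in candidates:
        resp = check(candidate)
        if "account_id" in resp:
            found[candidate] = resp["account_id"]
    return found


# Constructed candidate list: one non-discoverable email, one phone, one unregistered.
CANDIDATES = ["alice@example.com", "+15550000002", "nobody@example.com"]

if __name__ == "__main__":
    print(enumerate_ids(vulnerable_duplicate_check, CANDIDATES))  # both IDs leak
    print(enumerate_ids(hardened_duplicate_check, CANDIDATES))    # {}
```

Against the vulnerable check the enumeration loop recovers both IDs, including the account whose owner opted out of discoverability; against the hardened check it recovers nothing, and the only way to learn an ID is the authenticated lookup, which returns `None` for the opted-out account.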

Twitter Says The Incident Is Under Investigation

The bug has been described as similar to the technique used to scrape the account data of 533 million Facebook users last year.

Twitter has yet to confirm the incident. When approached, the company stated that an investigation is ongoing and that the authenticity of the claim has not yet been established.

Twitter stated that a report of the underlying vulnerability was received several months ago via its bug bounty program, that it was investigated immediately, and that a fix was deployed afterward.

“As always, we’re committed to protecting the privacy and security of the people who use Twitter,” the firm stated.

The firm added that it is grateful to the ethical hackers who take part in its bug bounty program, as they have helped keep the platform as secure as possible. Through the program, the company has been able to identify potential vulnerabilities, including this one.

The firm added that it is examining the latest data to verify its authenticity and to ensure the security of any affected accounts.

Sample Data Has Been Verified As Authentic

BleepingComputer stated that it verified some of the details in the small sample shared by the hacker: the sample contained accurate phone numbers and email addresses. Only a small portion of the database was checked, however, so it cannot be confirmed that all 5.4 million records being sold are valid.

Although much of the data offered on the darknet is already public, the phone numbers and email addresses are what make it useful for targeted phishing. Collecting that contact information account by account would be impractical; the value of the dump is that it is already aggregated and paired with each account's public profile. With 5.4 million records, a hacker has ample material for a convincing phishing campaign.

As a result, users have been advised to be wary of emails claiming to come from Twitter, especially any that ask for login credentials, and to check the sender's domain rather than following links in the message.


Hacker Offers 5.4 Million Twitter Accounts For $30,000 On The Dark Web

Ali Raza


Posted by Charlie