Question about Twitter Hack

So in the articles Ive read they mention that admin tool that was used for the account takeovers. They mention that the attacker might've phished credentials of an employee at Twitter and then get access to their internal network. From there they snooped around the network and found this tool.

Is it likely that the 17 y/o being accused mapped out their network and found this tool or did they just hear about it in a hacking forum?

how would someone find a tool like this? I assume they just phish credentials and then login to a VPN. Is it located on a subdomain or something? would they just have to run nmap once on the VPN and see what services are on the servers are running on the internal network?

1 comment

Touch here for the full post on Network Security Noblemen tumblr

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s