Man claims hacker took PayPal, GoDaddy accounts hostage in exchange for his ...

Facebook

Naoki Hiroshima says he was extorted into giving up his valuable single-letter Twitter name after a hacker staged an elaborate online attack that infiltrated his PayPal and GoDaddy accounts.


A California man claims his online accounts were held hostage by a hacker in exchange for the rights to his $50,000 Twitter handle.


'I had a rare Twitter username,' Naoki Hiroshima wrote in an online post Tuesday addressing the step-by-step takeover of his one-letter handle: @N.


'I've been offered as much as $50,000 for it. People have tried to steal it. Password reset instructions are a regular sight in my email inbox,' he claimed. 'As of today, I no longer control @N. I was extorted into giving it up.'


According to the unknown villain, whose emails to Hiroshima were documented in his post, all that the attacks required was some 'very simple engineering tactics.'


In an email detailing his steps - after the Twitter handle was acquired - the hacker claims to have simply called up websites PayPal and GoDaddy to gain access to Hiroshima's accounts.


RELATED: MICHAELS INVESTIGATING CREDIT CARD BREACH

In order to convince the companies that he was the rightful owner of the accounts, they allegedly asked him to provide the number of a credit card belonging to Hiroshima that they had on file.


With Paypal, the attacker claimed, 'I called paypal and used some very simple engineering tactics to obtain the last four of your card.'


With GoDaddy: 'I called godaddy and told them I had lost the card but I remembered the last four, the agent then allowed me to try a range of numbers,' or 'guess,' as he so claimed.



Incredibly, he apparently guessed right.


On Jan. 20, just before 3 p.m., Hiroshima received a threatening email from the man, declaring his ransom request.


RELATED: 'REVENGE PORN KING' HUNTER MOORE CHARGED IN NUDE-PHOTO HACKING

'I would also like to inform you that your GoDaddy domains are in my possession, one fake purchase and they can be repossessed by GoDaddy and never seen again,' he wrote.


'I see you run quite a few nice websites so I have left those alone for now, all data on the sites has remained intact. Would you be willing to compromise? access to @N for about 5 minutes while I swap the handle in exchange for your godaddy, and help securing your data?' the message continued.


Less than two hours later, Hiroshima received an email from GoDaddy confirming the attacker's success.


'You are not the current registrant of the domain name,' the email, sent to him in response to his request for help changing his account information, allegedly read.


Hiroshima received one last warning email from the hacker before he relinquished his coveted Twitter handle to the online villain by changing it to: @N_is_stolen.


RELATED: N.Y. MERCHANTS AMONG THOSE TARGETED BY CREDIT CARD DATA HACKERS: CYBERCRIME FIRM

Minutes later he received a reply from the hacker containing his new GoDaddy password and a seemingly friendly step-by-step guide on how to pull off his theft.


On Wednesday, PayPal publicly addressed what they called a 'difficult situation' for one of their customers but one they claim they did not have a part in.


'We have carefully reviewed our records and can confirm that there was a failed attempt made to gain this customer's information by contacting PayPal,' they stated.


Aside from this they insist that no credit card details related to Hiroshima's account were released and his PayPal account was not compromised.


GoDaddy also released a statement.


RELATED: SECRET GOVERNMENT BULLETIN DESCRIBES TARGET CYBER ATTACK

'Our review of the situation reveals that the hacker was already in possession of a large portion of the customer information needed to access the account at the time he contacted GoDaddy,' it read in part.


The company admitted that an employee was 'socially engineered' by the hacker but they said they are making 'necessary changes to employee training to ensure we continue to provide industry-leading security to our customers and stay ahead of evolving hacker techniques.'


The Twitter handle @N appeared to be removed by Wednesday night. Hiroshima tweeted that the guy who stole it apparently deleted it - though it's unable to be acquired.


In advice to others, Hiroshima recommended that Internet users not allow websites like PayPal and GoDaddy save credit card information on file.


'I just removed mine. I'll also be leaving GoDaddy and PayPal as soon as possible,' he wrote.


ngolgowski@nydailynews.com


Comments

Popular posts from this blog

Dropbox Issues Outage Post

Post

Facebook cracks down on auto