• Home
  • About Us
  • Authors
  • Submit News
  • Contact Us
  • Privacy Policy
  • Sitemap
The Hack Post
  • Hacking News
    • Cyber Crime
  • Cyber Security
  • Technology
    • Internet
  • Entertainment
    • Gaming
  • Business
  • Science / Health
No Result
View All Result
The Hack Post
No Result
View All Result

Hackers Can Hijack Anyone’s Twitter Tweets (Legally)

Ahmed Khan by Ahmed Khan
February 8, 2017
Hackers Can Hijack Anyones Twitter Tweets (Legally)
Share on FacebookShare on Twitter

Hackers can hijack tweets using a python script, created by misterch0c that runs through any twitter account to allow anyone to hijack any twitter accounts or users tweet.

When the script is run in python, it goes through the Twitter accounts tweets and locates any links shared by the Twitter user. The script then checks whether or not the links found in the tweets have expired, and are no longer registered, or not. Once it pinpoints the websites that actually aren’t registered, the attacker can register the domain for themselves and redirect it to any website they like.

Attackers can misdirect users into going to a malicious website infected with a virus, or a phishing page. Therefore the level of threat the script provides is great.

#!/usr/bin/env python2
# -*- coding: utf-8 -*-
# Copyright (c) 2017 @misterch0c
# This program is free software: you can redistribute it and/or modify
# it under the terms of the HTL Hodge Twins License as published by
# the Free Gains Foundation, version 1 and only of the License.
#
# This program is distributed in the hope that you do whatever the F*CK,
# you wanna do with it.
import tweepy
import time
import threading
import sys
import re
import pythonwhois
from secrets import consumer_key, consumer_secret, access_token, access_token_secret
class myThread (threading.Thread):
def __init__(self,accounts):
threading.Thread.__init__(self)
self.accounts=accounts
def run(self):
print "Starting " + self.name
findem(self.accounts)
def get_all_tweets(screen_name):
alltweets = []
new_tweets = api.user_timeline(screen_name = screen_name,count=200)
alltweets.extend(new_tweets)
oldest = alltweets[-1]['id'] - 1
while len(new_tweets) > 0:
new_tweets = api.user_timeline(screen_name = screen_name,count=200,max_id=oldest)
alltweets.extend(new_tweets)
oldest = alltweets[-1]['id'] - 1
print "...%s tweets downloaded so far for %s" % ((len(alltweets)),"@"+screen_name)
return alltweets
def is_not_registred(url):
try:
who=pythonwhois.get_whois(url)
return 'NOT FOUND' in str(who)
except Exception:
print('oops')
return False
def get_accounts():
acc=[]
with open('accounts_leftover') as f:
for l in f.readlines():
twit_name=l.split(',')[0]
acc.append(twit_name)
return acc
def findem(accounts):
urls=[]
print('++ new thread ++')
lock.acquire()
if len(accounts) == 0:
print("++ OVER ++")
lock.release()
return
acc = accounts.pop(0)
lock.release()
tweets=get_all_tweets(acc)
for tweet in tweets:
if 'RT' not in tweet['text']:
nn=tweet['entities']['urls']
for ur in nn:
expanded_url=ur["expanded_url"]
expanded_url = expanded_url.replace("http://","").replace("https://","").replace("www.", "").split("/")[0].split(".")
expanded_url = expanded_url[len(expanded_url)-2:len(expanded_url)]
expanded_url = '.'.join(x for x in expanded_url)
if expanded_url.lower() not in excluded:
print("["+acc+"]"+" -- "+ expanded_url)
if is_not_registred(expanded_url):
print("PWND " + acc +" -- "+expanded_url)
urls.append(expanded_url)
thread1=myThread(accounts)
thread1.daemon=True
thread1.start()
f = open('twit_results', 'a')
f.write(str(urls) + acc +'\n')
f.close()
print("+++ " +str(len(urls))+ " available domain found +++")
print(urls)
auth = tweepy.OAuthHandler(consumer_key, consumer_secret)
auth.set_access_token(access_token, access_token_secret)
api = tweepy.API(auth,parser=tweepy.parsers.JSONParser())
#Let's assume those are registred.
excluded=['twitter.com','facebook.com','fb.me','apple.com','apple.co','snapchat.com','billboard.com','youtube.com','youtu.be','spotify.com','github.com','yahoo.com','fbi.gov','goo.gl','instagram.com','buzzfeed.com','amazon.com','vine.co','twimg.com','persiscope.tv','microsoft.com','fb.on','bit.ly','nike.com']
accounts=get_accounts()
lock = threading.Lock()
for x in range(20):
print(x)
thread1=myThread(accounts)
thread1.daemon=True
thread1.start()
while True:
time.sleep(1)

This method was recently used by a Belgium security researcher named Inti De Ceukelaire to hijack an old Donald Trump tweet, tweeted back in 2012, redirecting people to a youtube video, rather than the National Achievers Congress website that was originally posted.

The hijacked tweet can still be seen on Donald Trump’s official twitter page.

I'll be speaking tomorrow at the San Jose Convention Center (CA) for the first- ever National Achievers Congress http://t.co/m4JN2oIw

— Donald J. Trump (@realDonaldTrump) April 11, 2012

Trump has addressed the tweet and stated that the website of the National Achievers Congress, nac2012.com, was not renewed by the original owner. This allowed Into to buy and register the domain name for himself and redirect it to this youtube video:

Luckily for Donald Trump, Inti De Ceukelaire did not have any malicious or political reasons to successfully attempt the hijack. However, someone who might could use the same method. The hijackers can’t and won’t be arrested either, because it would be completely legal. According to The¯Undersc0re’s blog post on Medium.com, there are more high profiled celebrities who are at risk of having their tweets hijacked, some of them that were tested by The¯Undersc0re are:

Katty Perry, @katyperry , 95.6M
Shakira, @shakira, 42.7M
Jennifer Lopez, @JLo, 39.3M
Aamir Khan, @aamir_khan, 19.8 M
Agnez Mo, @agnezmo, 16.2M
Triple X Movie???, @deepikapadukone, 17.3M
Maroon 5, @maroon5, 13.7M
shaquille o’neal, @SHAQ, 13.2M
Thalia, @thalia, 8.77M
Pegg News, @simongpegg, 6.63M

Twitter has not yet addressed the issue yet. Whether or not they will change Twitters API just to avoid this from happening in the future, regardless, it would be a costly job.

It is also a good reminder to keep our outdated and unused domain names in check and constantly registered so hackers do not use it to their own advantage.

Tags: Hijack Tweets
Ahmed Khan

Ahmed Khan

A security analyst and technical writer at The Hack Post. I’m passionate about spreading knowledge and enhancing my own in the fields of cyber security. I am studying Computer Forensics & Security at the Leeds Beckett University. Creating content is a hobby of mine and hopefully will make it more than just that with the experience and time I’ve spent here at The Hack Post.

Next Post
82 Kazakhstan Websites Hacked by AnonymousFox

82 Kazakhstan Websites Hacked by AnonymousFox

Latest Articles

EverWorlds AI-Driven Procedural VR Realms
Technology

EverWorlds: AI-Driven Procedural VR Realms

July 18, 2025
The Hidden Infrastructure of Movement
Business

The Hidden Infrastructure of Movement

July 14, 2025
Exceptional Secondary School Options near Boulevard Coast EC Loyang View and Hai Sing Catholic School for Older Students
news

Exceptional Secondary School Options near Boulevard Coast EC Loyang View and Hai Sing Catholic School for Older Students

July 13, 2025
The Smart Buyer’s Starter Tips for Singapore Condo Ownership
news

The Smart Buyer’s Starter Tips for Singapore Condo Ownership

July 13, 2025
5 Ways Technology Can Empower Your Well-being
news

5 Ways Technology Can Empower Your Well-being

July 5, 2025
Buy instagram reels
Technology

Instagram Reels: A Simple Guide to Growth and Engagement

June 29, 2025
10 Smart Ways to Save Money on Food Without Sacrificing Quality
news

10 Smart Ways to Save Money on Food Without Sacrificing Quality

June 26, 2025
5 Condo Kitchen Hacks for Faster Meals
news

5 Condo Kitchen Hacks for Faster Meals

June 21, 2025
Colorful Candy Games That Offer Nonstop Entertainment
Entertainment

Colorful Candy Games That Offer Nonstop Entertainment

June 18, 2025
Future-Proofing Your Health The Smarter Way to Use Hospitals Today
Science / Health

Future-Proofing Your Health: The Smarter Way to Use Hospitals Today

June 16, 2025
What Tenants Look For in a Condo Rental Today
Business

What Tenants Look For in a Condo Rental Today

June 12, 2025
5 Tips for Working Alongside Your Furry Pal
news

5 Tips for Working Alongside Your Furry Pal

June 10, 2025
  • Home
  • About Us
  • Authors
  • Submit News
  • Contact Us
  • Privacy Policy
  • Sitemap

The Hack Post © 2019

No Result
View All Result
  • Hacking News
    • Cyber Crime
  • Cyber Security
  • Technology
    • Internet
  • Entertainment
    • Gaming
  • Business
  • Science / Health

The Hack Post © 2019