Dynadot

security Need Investigative help please for TheDomains.com Twitter hacked account

Spaceship Spaceship
Watch
Vito

Vito

Domain Names MatterTop Member
VIP
Trusted Contest Holder
★★★★★★★★★★
Impact
1,570
Mods not sure this is the correct forum, please feel free top move it if I have chosen the wrong Forum.

Hello,

First off, I am not affiliated with TheDomains.com at all. It is and always was Mike Berkens site. Raymond Hackney @equity78 is a huge part of TheDomains.com now since MB kinda retired.

So, I was off of work today.. I should have done many things, ran errands, put some domains in auction, domain management, wrote in my own blog (which I have the hardest time ever doing), crypto coin movement since market moved, and a long honey-do list, etc.

I start off my day, looking at the domain blogs, and of course checking my Twitter account. I notice that TheDomains Twitter account got hacked. That kind of pissed me off. Nobody should be able to do that. Some people were trying to help tweet to people to report this hack to Twitter, just press the gear icon, etc. Well, my desktop twitter didnt have one so I created a screenshot showing how to report it from desktop set-up.

Twitter support blows. I am sure that so many fans of The Domains have reported this, and still no help. The knucklehead holding the twitter account for ransom still has full control of the site. This only goes to show the rest of us that have many less followers, that if we ever get hacked, we will never get our accounts back.

So, this starts bothering me. I know Ray for almost 10 years now. Mike Berkens had my favorite portfolio of any big time domainer ever, before selling it. Almost got to meet Mike when in Ft. Lauderdale a couple years ago. Just seems like a very cool guy. I have TONS of respect for TheDomains.com and Mike and Ray.

Ok so, I see this knucklehead hacker tweeting on that account. At one time, he asks for $50 in Bitcoin to get account back. I tweet that I will pay it to get it back to them.

Then he direct messages me.His tweets sounded childish, but his DM's sounded much more civil. So, I feel like I am dealing with a guy down on his luck and he is a hacker, sure I will give him the $50 to get the account back to Mike and Ray.

Thats where I F-ed up.

So, I sent him $50 in Bitcoin from my Bittrex along with the $15 fee thinking he was going to turn over the account. Of course, he didn't

Now, you may call me an idiot, and I get it. I do feel embarrassed. Based on the DM's I really felt like I could fix this. The money was not too big of an issue to me considering the knowledge I have gotten from Mike on TheDomains.com for free for all of these years, and Ray has done 100x more than $50 worth for me in the past 10 years as well. So this could have been a great ending but unfortunately not.

This is where you come in.

Can anyone find this guy? I know there are some brilliant people who frequent this forum and I think I got a lot of information from this scumbag. A couple members I have seen here who have done some great investigative work... @Grilled @promo anyone else that may be able to help, that would be extremely cool!

I am gonna eventually post my whole DM conversation here thru screenshots. I have his Bitcoin address and some text address screenshot that may be helpful. I don't know why, but I am angered by this big time like it is my own site even though it isn't.

Thanks,
Vito

Ok I think I captured entire conversation
Here goes...

Scumbag 1.png
scumbag 2.png
scumbag 3.png
scumbag 4.png
scumbag 5.png
scumbag 6.png
scumbag 7.png
scumbag 8.png
scumbag 9.png
scumbag 10.png
 
Last edited:
Click to expand...
Reply
6
6 Thanks
0 Like
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Sort by date Sort by points
scumbag 11.png
scumbag 12.png
 
Last edited:
Click to expand...
Reply
3
3 Thanks
0 Like
•••
Thanks a LOT Twitter Support!

So whatever you do, do not send this A-hole any money like I did.
He is not giving the account back, imho.

So we have his Bitcoin address and some text app thing with "Double Sad Dyl @boyi..."

Hopefully this info helps anyone who like this, (find the bad guy game) to help find this P.O.S.
 
Last edited:
Click to expand...
Reply
2
2 Thanks
0 Like
•••
Media Branding said:
Thanks a LOT Twitter Support.
Click to expand...

What happened when you contacted Twitter support?

The below tweet is [was] in direct violation of Twitter's Username Squatting Policy.

hacked.PNG


Media Branding said:
So whatever you do, do not send this A-hole any money like I did.
He is not giving the account back, imho.
Click to expand...

I'm wondering if the alleged hacker still has access to the twitter account, and if not, could that be why he/she hasn't surrendered the account details? I'd hope, since it appears the account was reported multiple times, that Twitter would have taken action. Without knowing much else, it's hard for me to speculate.

Has it been determined how the alleged hacker gained access to the account?
 
Click to expand...
Reply
3
2 Like
1 Thanks
•••
Sorry to hear your story ...
hope everything went fine now.

This should be a small lesson for you that you should not always trust in the goodwill of every person – unfortunately there is no escrow service to transfer social media accounts (as far as I know).

If it should happen again that a person wants to have cryptocurrency ... don't use BTC for micro-payments because it can take a long time and costs too much for small sums. You could use other currencies like Ethereum and inform yourself about smart contracts. It is a digital contract that is a safety for both sides ... the payment would have only been released if a goal is achieved and this could be the receipt of the login-details and the account change.

Next time you can also use:
https://blockchain.info/

to check if the other account received the money if you type in his address.

The date he received the money was yesterday
 
Click to expand...
Reply
4
3 Like
1 Thanks
•••
Grilled said:
What happened when you contacted Twitter support?

The below tweet is [was] in direct violation of Twitter's Username Squatting Policy.

Show attachment 76054


I'm wondering if the alleged hacker still has access to the twitter account, and if not, could that be why he/she hasn't surrendered the account details? I'd hope, since it appears the account was reported multiple times, that Twitter would have taken action. Without knowing much else, it's hard for me to speculate.

Has it been determined how the alleged hacker gained access to the account?
Click to expand...
Here is the Official TheDomains account...
https://twitter.com/thedomains
This is the one he took over and still has access to.

Here is a brand new account for TheDomains that Ray created earlier today
https://twitter.com/thedomainscom

Not exactly sure how he gained access to it. Talked to Ray on the phone earlier and he wasn't 100% sure. He said he did have an app open, well I will let him explai if he wants because I will screw up the story. Short answer - No, no idea

Twitter SHOULD have taken action based on the amount of tweets I have seen from everyone and their mothers saying that they all reported it. I did get a message saying that if and when we take action we will inform you. So, who knows, probably expecting that being next year now since the Holidays are here.
 
Last edited:
Click to expand...
Reply
1
1 Thanks
0 Like
•••
Brandmore said:
Sorry to hear your story ...
hope everything went fine now.

This should be a small lesson for you that you should not always trust in the goodwill of every person – unfortunately there is no escrow service to transfer social media accounts (as far as I know).

If it should happen again that a person wants to have cryptocurrency ... don't use BTC for micro-payments because it can take a long time and costs too much for small sums. You could use other currencies like Ethereum and inform yourself about smart contracts. It is a digital contract that is a safety for both sides ... the payment would have only been released if a goal is achieved and this could be the receipt of the login-details and the account change.

Next time you can also use:
https://blockchain.info/

to check if the other account received the money if you type in his address.

The date he received the money was yesterday
Click to expand...

Thank You Brandmore.
I had no idea I could set that up thru a smart contract and that would kind of act as an escrow. Actually I guess it didn't matter though because one of his public tweets to me after I told him I would pay was something like, only pay in BTC.

At this point like I said though I am not worried about the money. It was a small price to pay, and I knew there was risk. Silly me though, I thought I could negotiate and make a difference here.

At this point, I just figure it would be nice if someone here could possibly find this guy. I feel like he is a domainer and has crossed paths with someone here. Why would he have picked TheDomains.com? The largest domaining blog in the Industry.

Back to your point. I have invested in ETH and I do need to read more about smart contracts.

Thanks
 
Click to expand...
Reply
3
2 Like
1 Thanks
•••
Seriously - change all your passwords ASAP. This jerk may target you as you delt with him/her.

You are way too good of a friend to many of us here and dont want to see you have to deal with this as well.
 
Last edited:
Click to expand...
Reply
4
3 Like
1 Thanks
•••
DnameAgame said:
Seriously - change all your passwords ASAP. This jerk may target you as you delt with him/her
Click to expand...

Yeah, you're probably right. Thanks Bri
 
Click to expand...
Reply
1
1 Thanks
0 Like
•••
What a total loser. Don't these script kiddies have a life or anything better to do?
 
Click to expand...
Reply
2
1 Like
1 Thanks
•••
Wow, Man I feel you. I nearly sent him $50 myself earlier today but decided to just learn how to hack myself. As I don't trust the guy to take my money and not give access.

I have basically spend 9 hrs learning and can't figure it out yet... It's 430am now so, gonna get some rest and try again later on.

If anyone can work it out, let me know..

This is the best video I have found https://www.youtube.com/watch?v=_-vM8cSgMvk ( don't go to the web link http://no_url_shorteners/twitter-code waste of time at 5.53 )

I think the follow code is right that the guy uses in the video

<form class="Form" action="/account/reset_password" method="post">
<input type="hidden" name="authenticity_token" value="23b20fcf76bf0ef86122f009d242cda3c86ee292">
<label for="password">Type your new password</label>
<div class="PasswordStrength">
<input id="password" class="Form-textbox Edge-textbox is-required" type="password" name="password" data-username="thedomains" ,="" data-fullname="The Domains">
<span class="PasswordStrength-meterContainer">
<span class="PasswordStrength-meter"></span>
</span>
<span class="Form-message">
<span data-key="weak" style="display: none;">Weak</span>
<span data-key="good" style="display: none;">Good</span>
<span data-key="strong" style="display: none;">Strong</span>
<span data-key="verystrong" style="display: none;">Very strong</span>
<span data-key="tooshort" style="display: none;">Too short</span>
<span data-key="obvious" style="display: none;">Too obvious</span>
<span data-key="tooweak" style="display: none;">6 characters or more! Be tricky.</span>
<span data-key="required" style="display: none;">Please enter a new password.</span>

<span data-key="roc" style="display: none;"></span>
</span>
</div>
<div>
<label for="password_confirmation">Type your new password one more time</label>
<input class="Form-textbox Edge-textbox" type="password" name="password_confirmation">
<span class="Form-message">
<span data-key="mismatch">Passwords do not match.</span>
</span>
</div>
<div class="Form-checkbox">
<label>
<input type="checkbox" value="1" name="remember_me" checked="checked">
Remember me
</label>
</div>
<input type="submit" class="Button EdgeButton--primary EdgeButton" value="Submit">
</form>
 
Click to expand...
Reply
4
2 Like
2 Thanks
•••
Last edited:
Click to expand...
Reply
3
2 Like
1 Thanks
•••
We found the following information associated with the account.

  • Email a link to li***@t******.***
 

Attachments

  • Screen Shot 2017-12-24 at 02.09.58.png
    Screen Shot 2017-12-24 at 02.09.58.png
    126.8 KB · Views: 69
Click to expand...
Reply
5
4 Like
1 Thanks
•••
JagG said:
Wow, Man I feel you. I nearly sent him $50 myself earlier today but decided to just learn how to hack myself. As I don't trust the guy to take my money and not give access.

I have basically spend 9 hrs learning and can't figure it out yet... It's 430am now so, gonna get some rest and try again later on.

If anyone can work it out, let me know..

This is the best video I have found https://www.youtube.com/watch?v=_-vM8cSgMvk ( don't go to the web link http://no_url_shorteners/twitter-code waste of time at 5.53 )

I think the follow code is right that the guy uses in the video

<form class="Form" action="/account/reset_password" method="post">
<input type="hidden" name="authenticity_token" value="23b20fcf76bf0ef86122f009d242cda3c86ee292">
<label for="password">Type your new password</label>
<div class="PasswordStrength">
<input id="password" class="Form-textbox Edge-textbox is-required" type="password" name="password" data-username="thedomains" ,="" data-fullname="The Domains">
<span class="PasswordStrength-meterContainer">
<span class="PasswordStrength-meter"></span>
</span>
<span class="Form-message">
<span data-key="weak" style="display: none;">Weak</span>
<span data-key="good" style="display: none;">Good</span>
<span data-key="strong" style="display: none;">Strong</span>
<span data-key="verystrong" style="display: none;">Very strong</span>
<span data-key="tooshort" style="display: none;">Too short</span>
<span data-key="obvious" style="display: none;">Too obvious</span>
<span data-key="tooweak" style="display: none;">6 characters or more! Be tricky.</span>
<span data-key="required" style="display: none;">Please enter a new password.</span>

<span data-key="roc" style="display: none;"></span>
</span>
</div>
<div>
<label for="password_confirmation">Type your new password one more time</label>
<input class="Form-textbox Edge-textbox" type="password" name="password_confirmation">
<span class="Form-message">
<span data-key="mismatch">Passwords do not match.</span>
</span>
</div>
<div class="Form-checkbox">
<label>
<input type="checkbox" value="1" name="remember_me" checked="checked">
Remember me
</label>
</div>
<input type="submit" class="Button EdgeButton--primary EdgeButton" value="Submit">
</form>
Click to expand...

I was wondering about that. I was wondering if he was trying to get money from many others. I told Ray, Even though it is a bit humiliating since i should have known better I have to post this so everyone knows because I don't want it happening to anyone else.

TheDomains really has a loyal following.and I can see many others doing the same thing. So, this will halp to show everyone that sending him money will NOT work.

Good luck on your hacking. Hope you can re-hack the hacker one day!
 
Click to expand...
Reply
1
1 Thanks
0 Like
•••
Click to expand...
Reply
1
1 Thanks
0 Like
•••
Check out the account: boyifudonot
Might be the other person due to the fact that the name is "........................." now
 
Click to expand...
Reply
2
1 Like
1 Thanks
•••
Media Branding said:
I was wondering about that. I was wondering if he was trying to get money from many others. I told Ray, Even though it is a bit humiliating since i should have known better I have to post this so everyone knows because I don't want it happening to anyone else.

TheDomains really has a loyal following.and I can see many others doing the same thing. So, this will halp to show everyone that sending him money will NOT work.

Good luck on your hacking. Hope you can re-hack the hacker one day!
Click to expand...

The hacker has been talking to a few people via DM @twitter, he sent me some screen shots, all my conversations with this Joker have been sent over to Mike.

Plus the hacker pissed me off over DM so making it my own mission to find this guy and teach him some manners. Yeah thanks for the good luck, not easy as I first thought to be honest but now too late to give up...

"I will hack the hacker"
 
Click to expand...
Reply
5
4 Like
1 Thanks
•••
Last edited:
Click to expand...
Reply
1
1 Thanks
0 Like
•••
Edit - Took another photo out.
 
Last edited:
Click to expand...
Reply
1
1 Thanks
0 Like
•••
JagG said:
This is the best video I have found https://www.youtube.com/watch?v=_-vM8cSgMvk ( don't go to the web link http://no_url_shorteners/twitter-code waste of time at 5.53 )

I think the follow code is right that the guy uses in the video

<form class="Form" action="/account/reset_password" method="post">
<input type="hidden" name="authenticity_token" value="23b20fcf76bf0ef86122f009d242cda3c86ee292">
<label for="password">Type your new password</label>
<div class="PasswordStrength">
<input id="password" class="Form-textbox Edge-textbox is-required" type="password" name="password" data-username="thedomains" ,="" data-fullname="The Domains">
<span class="PasswordStrength-meterContainer">
<span class="PasswordStrength-meter"></span>
</span>
<span class="Form-message">
<span data-key="weak" style="display: none;">Weak</span>
<span data-key="good" style="display: none;">Good</span>
<span data-key="strong" style="display: none;">Strong</span>
<span data-key="verystrong" style="display: none;">Very strong</span>
<span data-key="tooshort" style="display: none;">Too short</span>
<span data-key="obvious" style="display: none;">Too obvious</span>
<span data-key="tooweak" style="display: none;">6 characters or more! Be tricky.</span>
<span data-key="required" style="display: none;">Please enter a new password.</span>

<span data-key="roc" style="display: none;"></span>
</span>
</div>
<div>
<label for="password_confirmation">Type your new password one more time</label>
<input class="Form-textbox Edge-textbox" type="password" name="password_confirmation">
<span class="Form-message">
<span data-key="mismatch">Passwords do not match.</span>
</span>
</div>
<div class="Form-checkbox">
<label>
<input type="checkbox" value="1" name="remember_me" checked="checked">
Remember me
</label>
</div>
<input type="submit" class="Button EdgeButton--primary EdgeButton" value="Submit">
</form>
Click to expand...

Given how Twitter handles are becoming more and more desirable, I wonder if Twitter will ever change their ToS to allow accounts to be bought and sold (maybe if Twitter could profit from it). I mean, some companies these days acquire the bulk of their sales via their social media following, and when those companies sell, their twitters accounts (and access to their followers) are usually included in the sale. So while a company sale may not be billed as a sold twitter account, it's reasonable to assume the included twitter following added to the company sale price.

If Twitter allowed this, then twitter handles could start competing with domain names. And with that, Twitter would have to manage stolen accounts similar stolen domains. IDK the full story of this apparent hack, but while thinking outside the box of all possibilities, it dawned on me that the person currently in control of the account (if Twitter hasn't revoked access yet) may not be the person who first hacked the account. Meaning, somebody could have already bought the twitter account (possibly on the darkweb), and then that person (not the original hacker) could have posted the twitter account for sale. Essentially, (I think) this would minimize exposure. Usually the more hands and IP addresses the account passes, the more difficult forensics become. Just like stolen domains.

Additionally, there could be multiple concerns here. Depending on what information is stored privately on thedomains twitter (maybe tips from anonymous sources), there could be a concern of a data leak.
 
Last edited:
Click to expand...
Reply
2
1 Like
1 Thanks
•••
@Media Branding On the 8th of december 2017 the account liked a post with Bitcoin as a topic
 
Click to expand...
Reply
2
1 Like
1 Thanks
•••
OK I edited photo out.
 
Last edited:
Click to expand...
Reply
1
1 Thanks
0 Like
•••
@Media Branding please delete the photo ... we don't know if it is him because it is more likely that this is a photoshop edit from the web. Better look for uploaded media that are personal creations.
 
Click to expand...
Reply
2
1 Like
1 Thanks
•••
Click to expand...
Reply
1
1 Thanks
0 Like
•••
On 5. Feb. 2017 he uploaded a photo with "Dylan is the best" and he said thanks Donald ... and Dyl is the Short Version of Dylan
 
Click to expand...
Reply
2
1 Like
1 Thanks
•••
Log in or sign up to reply here.

Similar threads

G
  • Locked
My account has been frozen by godaddy, please help me
4 replies
601 views
Alfa Mod Team
Alfa Mod Team
G
The GoDaddy account is locked, causing the domain names in the account to be inaccessible
1 reply
355 views
GoDaddy
GoDaddy
sos1usd
Hello ! From Spain
10 replies
549 views
Corey
Corey
gilangsatria6
  • Locked
ccTLD Please Help | HSE.pw and HSE.asia
0 replies
114 views
gilangsatria6
gilangsatria6
gilangsatria6
  • Locked
New gTLD Please Help | HSE.asia and HSE.pw
0 replies
124 views
gilangsatria6
gilangsatria6

We're social

Escrow.com

New posts

Auction activity

Domain Recover

What non .com extensions have you sold in 2024?

Polls of interest

Popular this week

Community favorite

Popular this month

Blog favorites

  • The sidebar remains visible by scrolling at a speed relative to the page’s height.
Back