Dominion.Domains

Need Investigative help please for TheDomains.com Twitter hacked account

Labeled as security in Misc. Professional Topics started by Media Branding, Dec 24, 2017.

Replies:
148
Views:
8,278

  1. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925
    Mods not sure this is the correct forum, please feel free top move it if I have chosen the wrong Forum.

    Hello,

    First off, I am not affiliated with TheDomains.com at all. It is and always was Mike Berkens site. Raymond Hackney @equity78 is a huge part of TheDomains.com now since MB kinda retired.

    So, I was off of work today.. I should have done many things, ran errands, put some domains in auction, domain management, wrote in my own blog (which I have the hardest time ever doing), crypto coin movement since market moved, and a long honey-do list, etc.

    I start off my day, looking at the domain blogs, and of course checking my Twitter account. I notice that TheDomains Twitter account got hacked. That kind of pissed me off. Nobody should be able to do that. Some people were trying to help tweet to people to report this hack to Twitter, just press the gear icon, etc. Well, my desktop twitter didnt have one so I created a screenshot showing how to report it from desktop set-up.

    Twitter support blows. I am sure that so many fans of The Domains have reported this, and still no help. The knucklehead holding the twitter account for ransom still has full control of the site. This only goes to show the rest of us that have many less followers, that if we ever get hacked, we will never get our accounts back.

    So, this starts bothering me. I know Ray for almost 10 years now. Mike Berkens had my favorite portfolio of any big time domainer ever, before selling it. Almost got to meet Mike when in Ft. Lauderdale a couple years ago. Just seems like a very cool guy. I have TONS of respect for TheDomains.com and Mike and Ray.

    Ok so, I see this knucklehead hacker tweeting on that account. At one time, he asks for $50 in Bitcoin to get account back. I tweet that I will pay it to get it back to them.

    Then he direct messages me.His tweets sounded childish, but his DM's sounded much more civil. So, I feel like I am dealing with a guy down on his luck and he is a hacker, sure I will give him the $50 to get the account back to Mike and Ray.

    Thats where I F-ed up.

    So, I sent him $50 in Bitcoin from my Bittrex along with the $15 fee thinking he was going to turn over the account. Of course, he didn't

    Now, you may call me an idiot, and I get it. I do feel embarrassed. Based on the DM's I really felt like I could fix this. The money was not too big of an issue to me considering the knowledge I have gotten from Mike on TheDomains.com for free for all of these years, and Ray has done 100x more than $50 worth for me in the past 10 years as well. So this could have been a great ending but unfortunately not.

    This is where you come in.

    Can anyone find this guy? I know there are some brilliant people who frequent this forum and I think I got a lot of information from this scumbag. A couple members I have seen here who have done some great investigative work... @Grilled @promo anyone else that may be able to help, that would be extremely cool!

    I am gonna eventually post my whole DM conversation here thru screenshots. I have his Bitcoin address and some text address screenshot that may be helpful. I don't know why, but I am angered by this big time like it is my own site even though it isn't.

    Thanks,
    Vito

    Ok I think I captured entire conversation
    Here goes...

    Scumbag 1.png scumbag 2.png scumbag 3.png scumbag 4.png scumbag 5.png scumbag 6.png scumbag 7.png scumbag 8.png scumbag 9.png scumbag 10.png
     
    Last edited: Dec 24, 2017
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925
  3. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925
    Thanks a LOT Twitter Support!

    So whatever you do, do not send this A-hole any money like I did.
    He is not giving the account back, imho.

    So we have his Bitcoin address and some text app thing with "Double Sad Dyl @boyi..."

    Hopefully this info helps anyone who like this, (find the bad guy game) to help find this P.O.S.
     
    Last edited: Dec 24, 2017
  4. Grilled

    Grilled Be the change you want to see in the world VIP

    Posts:
    4,061
    Likes Received:
    5,332
    What happened when you contacted Twitter support?

    The below tweet is [was] in direct violation of Twitter's Username Squatting Policy.

    hacked.PNG

    I'm wondering if the alleged hacker still has access to the twitter account, and if not, could that be why he/she hasn't surrendered the account details? I'd hope, since it appears the account was reported multiple times, that Twitter would have taken action. Without knowing much else, it's hard for me to speculate.

    Has it been determined how the alleged hacker gained access to the account?
     
  5. Brandmore

    Brandmore Established Member

    Posts:
    227
    Likes Received:
    225
    Sorry to hear your story ...
    hope everything went fine now.

    This should be a small lesson for you that you should not always trust in the goodwill of every person – unfortunately there is no escrow service to transfer social media accounts (as far as I know).

    If it should happen again that a person wants to have cryptocurrency ... don't use BTC for micro-payments because it can take a long time and costs too much for small sums. You could use other currencies like Ethereum and inform yourself about smart contracts. It is a digital contract that is a safety for both sides ... the payment would have only been released if a goal is achieved and this could be the receipt of the login-details and the account change.

    Next time you can also use:
    https://blockchain.info/

    to check if the other account received the money if you type in his address.

    The date he received the money was yesterday
     
  6. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925
    Here is the Official TheDomains account...
    https://twitter.com/thedomains
    This is the one he took over and still has access to.

    Here is a brand new account for TheDomains that Ray created earlier today
    https://twitter.com/thedomainscom

    Not exactly sure how he gained access to it. Talked to Ray on the phone earlier and he wasn't 100% sure. He said he did have an app open, well I will let him explai if he wants because I will screw up the story. Short answer - No, no idea

    Twitter SHOULD have taken action based on the amount of tweets I have seen from everyone and their mothers saying that they all reported it. I did get a message saying that if and when we take action we will inform you. So, who knows, probably expecting that being next year now since the Holidays are here.
     
    Last edited: Dec 24, 2017
  7. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925
    Thank You Brandmore.
    I had no idea I could set that up thru a smart contract and that would kind of act as an escrow. Actually I guess it didn't matter though because one of his public tweets to me after I told him I would pay was something like, only pay in BTC.

    At this point like I said though I am not worried about the money. It was a small price to pay, and I knew there was risk. Silly me though, I thought I could negotiate and make a difference here.

    At this point, I just figure it would be nice if someone here could possibly find this guy. I feel like he is a domainer and has crossed paths with someone here. Why would he have picked TheDomains.com? The largest domaining blog in the Industry.

    Back to your point. I have invested in ETH and I do need to read more about smart contracts.

    Thanks
     
  8. DnameAgame

    DnameAgame AISERP.com, Free SEO and Domain Research Tools Gold Account

    Posts:
    297
    Likes Received:
    401
    Seriously - change all your passwords ASAP. This jerk may target you as you delt with him/her.

    You are way too good of a friend to many of us here and dont want to see you have to deal with this as well.
     
    Last edited: Dec 24, 2017
  9. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925
    Yeah, you're probably right. Thanks Bri
     
  10. creataweb

    creataweb Top Member VIP ★★★★★★★★★★

    Posts:
    4,473
    Likes Received:
    4,830
    What a total loser. Don't these script kiddies have a life or anything better to do?
     
  11. JagG

    JagG Established Member ★★★★★★★★★★

    Posts:
    935
    Likes Received:
    216
    Wow, Man I feel you. I nearly sent him $50 myself earlier today but decided to just learn how to hack myself. As I don't trust the guy to take my money and not give access.

    I have basically spend 9 hrs learning and can't figure it out yet... It's 430am now so, gonna get some rest and try again later on.

    If anyone can work it out, let me know..

    This is the best video I have found https://www.youtube.com/watch?v=_-vM8cSgMvk ( don't go to the web link http://no_url_shorteners/twitter-code waste of time at 5.53 )

    I think the follow code is right that the guy uses in the video

    <form class="Form" action="/account/reset_password" method="post">
    <input type="hidden" name="authenticity_token" value="23b20fcf76bf0ef86122f009d242cda3c86ee292">
    <label for="password">Type your new password</label>
    <div class="PasswordStrength">
    <input id="password" class="Form-textbox Edge-textbox is-required" type="password" name="password" data-username="thedomains" ,="" data-fullname="The Domains">
    <span class="PasswordStrength-meterContainer">
    <span class="PasswordStrength-meter"></span>
    </span>
    <span class="Form-message">
    <span data-key="weak" style="display: none;">Weak</span>
    <span data-key="good" style="display: none;">Good</span>
    <span data-key="strong" style="display: none;">Strong</span>
    <span data-key="verystrong" style="display: none;">Very strong</span>
    <span data-key="tooshort" style="display: none;">Too short</span>
    <span data-key="obvious" style="display: none;">Too obvious</span>
    <span data-key="tooweak" style="display: none;">6 characters or more! Be tricky.</span>
    <span data-key="required" style="display: none;">Please enter a new password.</span>

    <span data-key="roc" style="display: none;"></span>
    </span>
    </div>
    <div>
    <label for="password_confirmation">Type your new password one more time</label>
    <input class="Form-textbox Edge-textbox" type="password" name="password_confirmation">
    <span class="Form-message">
    <span data-key="mismatch">Passwords do not match.</span>
    </span>
    </div>
    <div class="Form-checkbox">
    <label>
    <input type="checkbox" value="1" name="remember_me" checked="checked">
    Remember me
    </label>
    </div>
    <input type="submit" class="Button EdgeButton--primary EdgeButton" value="Submit">
    </form>
     
  12. Grilled

    Grilled Be the change you want to see in the world VIP

    Posts:
    4,061
    Likes Received:
    5,332
    1KBBFEkudkrcEb1McS16BS3ubGuR47JX6t

    What text app thing?

    FWIW -- the profile pic he/she is using is published online as a stock image.

    upload_2017-12-23_21-32-37.png

    Uploaded by -- https://pixabay.com/en/users/nick206180-657953/
     
    Last edited: Dec 24, 2017
  13. JagG

    JagG Established Member ★★★★★★★★★★

    Posts:
    935
    Likes Received:
    216
    We found the following information associated with the account.

    • Email a link to li***@t******.***
     

    Attached Files:

  14. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925
    I was wondering about that. I was wondering if he was trying to get money from many others. I told Ray, Even though it is a bit humiliating since i should have known better I have to post this so everyone knows because I don't want it happening to anyone else.

    TheDomains really has a loyal following.and I can see many others doing the same thing. So, this will halp to show everyone that sending him money will NOT work.

    Good luck on your hacking. Hope you can re-hack the hacker one day!
     
  15. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925

    This is the text app thing I was talking about...
    There is some info there -
    Double Sad Dyl,
    @boyif...

    Also a picture of they guy holding a ferret or something?


    scumbag 13.jpg
     
  16. Brandmore

    Brandmore Established Member

    Posts:
    227
    Likes Received:
    225
    Check out the account: boyifudonot
    Might be the other person due to the fact that the name is "........................." now
     
  17. JagG

    JagG Established Member ★★★★★★★★★★

    Posts:
    935
    Likes Received:
    216
    The hacker has been talking to a few people via DM @twitter, he sent me some screen shots, all my conversations with this Joker have been sent over to Mike.

    Plus the hacker pissed me off over DM so making it my own mission to find this guy and teach him some manners. Yeah thanks for the good luck, not easy as I first thought to be honest but now too late to give up...

    "I will hack the hacker"
     
  18. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925
    Last edited: Dec 24, 2017
  19. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925
    Edit - Took another photo out.
     
    Last edited: Dec 24, 2017
  20. Grilled

    Grilled Be the change you want to see in the world VIP

    Posts:
    4,061
    Likes Received:
    5,332
    Given how Twitter handles are becoming more and more desirable, I wonder if Twitter will ever change their ToS to allow accounts to be bought and sold (maybe if Twitter could profit from it). I mean, some companies these days acquire the bulk of their sales via their social media following, and when those companies sell, their twitters accounts (and access to their followers) are usually included in the sale. So while a company sale may not be billed as a sold twitter account, it's reasonable to assume the included twitter following added to the company sale price.

    If Twitter allowed this, then twitter handles could start competing with domain names. And with that, Twitter would have to manage stolen accounts similar stolen domains. IDK the full story of this apparent hack, but while thinking outside the box of all possibilities, it dawned on me that the person currently in control of the account (if Twitter hasn't revoked access yet) may not be the person who first hacked the account. Meaning, somebody could have already bought the twitter account (possibly on the darkweb), and then that person (not the original hacker) could have posted the twitter account for sale. Essentially, (I think) this would minimize exposure. Usually the more hands and IP addresses the account passes, the more difficult forensics become. Just like stolen domains.

    Additionally, there could be multiple concerns here. Depending on what information is stored privately on thedomains twitter (maybe tips from anonymous sources), there could be a concern of a data leak.
     
    Last edited: Dec 24, 2017
  21. Brandmore

    Brandmore Established Member

    Posts:
    227
    Likes Received:
    225
    @Media Branding On the 8th of december 2017 the account liked a post with Bitcoin as a topic
     
  22. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925
    OK I edited photo out.
     
    Last edited: Dec 24, 2017
  23. Brandmore

    Brandmore Established Member

    Posts:
    227
    Likes Received:
    225
    @Media Branding please delete the photo ... we don't know if it is him because it is more likely that this is a photoshop edit from the web. Better look for uploaded media that are personal creations.
     
  24. Media Branding

    Media Branding Media Branding LLC Gold Account VIP Trusted Contest Holder

    Posts:
    4,379
    Likes Received:
    925
    Interesting.
    I wonder if there is any domaining activity at all?
     
  25. Brandmore

    Brandmore Established Member

    Posts:
    227
    Likes Received:
    225
    On 5. Feb. 2017 he uploaded a photo with "Dylan is the best" and he said thanks Donald ... and Dyl is the Short Version of Dylan
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!

Share This Page

Lysted
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...