security Need Investigative help please for TheDomains.com Twitter hacked account

[Vito]

Mods not sure this is the correct forum, please feel free top move it if I have chosen the wrong Forum.

Hello,

First off, I am not affiliated with TheDomains.com at all. It is and always was Mike Berkens site. Raymond Hackney @equity78 is a huge part of TheDomains.com now since MB kinda retired.

So, I was off of work today.. I should have done many things, ran errands, put some domains in auction, domain management, wrote in my own blog (which I have the hardest time ever doing), crypto coin movement since market moved, and a long honey-do list, etc.

I start off my day, looking at the domain blogs, and of course checking my Twitter account. I notice that TheDomains Twitter account got hacked. That kind of pissed me off. Nobody should be able to do that. Some people were trying to help tweet to people to report this hack to Twitter, just press the gear icon, etc. Well, my desktop twitter didnt have one so I created a screenshot showing how to report it from desktop set-up.

Twitter support blows. I am sure that so many fans of The Domains have reported this, and still no help. The knucklehead holding the twitter account for ransom still has full control of the site. This only goes to show the rest of us that have many less followers, that if we ever get hacked, we will never get our accounts back.

So, this starts bothering me. I know Ray for almost 10 years now. Mike Berkens had my favorite portfolio of any big time domainer ever, before selling it. Almost got to meet Mike when in Ft. Lauderdale a couple years ago. Just seems like a very cool guy. I have TONS of respect for TheDomains.com and Mike and Ray.

Ok so, I see this knucklehead hacker tweeting on that account. At one time, he asks for $50 in Bitcoin to get account back. I tweet that I will pay it to get it back to them.

Then he direct messages me.His tweets sounded childish, but his DM's sounded much more civil. So, I feel like I am dealing with a guy down on his luck and he is a hacker, sure I will give him the $50 to get the account back to Mike and Ray.

Thats where I F-ed up.

So, I sent him $50 in Bitcoin from my Bittrex along with the $15 fee thinking he was going to turn over the account. Of course, he didn't

Now, you may call me an idiot, and I get it. I do feel embarrassed. Based on the DM's I really felt like I could fix this. The money was not too big of an issue to me considering the knowledge I have gotten from Mike on TheDomains.com for free for all of these years, and Ray has done 100x more than $50 worth for me in the past 10 years as well. So this could have been a great ending but unfortunately not.

This is where you come in.

Can anyone find this guy? I know there are some brilliant people who frequent this forum and I think I got a lot of information from this scumbag. A couple members I have seen here who have done some great investigative work... @Grilled @promo anyone else that may be able to help, that would be extremely cool!

I am gonna eventually post my whole DM conversation here thru screenshots. I have his Bitcoin address and some text address screenshot that may be helpful. I don't know why, but I am angered by this big time like it is my own site even though it isn't.

Thanks,
Vito

Ok I think I captured entire conversation
Here goes...

 

[Vito]

@Media Branding please delete the photo ... we don't know if it is him because it is more likely that this is a photoshop edit from the web. Better look for uploaded media that are personal creations.

I took the big photo of him alone out.
I can leave the profile page photo up though right?
I took that one out too.

You might be right @Brandmore

 

[Vito]

On 5. Feb. 2017 he uploaded a photo with "Dylan is the best" and he said thanks Donald ... and Dyl is the Short Version of Dylan

Seems a bit of a stretch but better than what I got right now!
WE are getting close.

 

[Vito]

Additionally, there could be multiple concerns here. Depending on what information is stored privately on thedomains twitter (maybe tips from anonymous sources), there could be a concern of a data leak.

Yeah, that would be horrible considering how many NDA conversations are had everywhere in domaining.

 

[Vito]

.
"I will hack the hacker"

That just sounds so cool!

Best of luck on getting the bad guy!

 

[Chris Hydrick]

Yeah, that would be horrible considering how many NDA conversations are had everywhere in domaining.

Not just NDA's, but other communication that may have been delivered in confidence. The domain industry is already largely disliked, and is secretive in nature. I believe the Panama Papers derived from some sort of hack. Will the domain industry ever have its own version of the Panama Papers? Would it do more harm than good? Was it ever determined how the Skype transcript HERE between @Michael Cyger and @Adam Dicker was leaked? What other hacks or leaks has the domain industry endured?

If you have any made any undesirable friends or are entrusted to safeguard certain content, you have to be aware of the possibility of getting hacked. Not saying TheDomains wasn't aware, just saying with great power, comes great responsibility. I imagine I may have made an undesirable friend or two, who might not have an interest in purchasing my twitter account, but they may however, have an interest in purchasing my direct messages.

ie What long term value does a stolen Twitter account have VS stolen Twitter direct messages?

 

[Vito]

Not just NDA's, but other communication that may have been delivered in confidence. The domain industry is already largely disliked, and is secretive in nature. I believe the Panama Papers derived from some sort of hack. Will the domain industry ever have its own version of the Panama Papers? Would it do more harm than good? Was it ever determined how the Skype transcript HERE between @Michael Cyger and @Adam Dicker was leaked? What other hacks or leaks has the domain industry endured?

If you have any made any undesirable friends or are entrusted to safeguard certain content, you have to be aware of the possibility of getting hacked. Not saying TheDomains wasn't aware, just saying with great power, comes great responsibility. I imagine I may have made an undesirable friend or two, who might not have an interest in purchasing my twitter account, but they may however, have an interest in purchasing my direct messages.

ie What long term value does a stolen Twitter account have VS stolen Twitter direct messages?

I don't think most people are that smart.


Like @creataweb said,

What a total loser. Don't these script kiddies have a life or anything better to do?

I believe this. It is prob some kids with scripts that make a couple bucks for account ransom money, then move on to the next account. Deciphering thru all of that info and then trying to figure who it is worth more to in an Industry you may not be familiar with is just a lot of work. If they have an easy script running 24/7 that hacks multiple accounts, I bet they are just taking the easy money and running to the next one.

Going to sleep. Thanks for all the help tonight everyone.

 

[namezest]

Sorry that happened to you. If it makes you feel better twitter account for namezest is blocked problem is I never signed up for it....

 

[urlurl]

another problem is bitcoin. no bitcoin = no ransoms

 

[Michael M]

Nothing here is concrete at all, just figured I'd take a second to look.

If the "hacker" is Dylan from the mentioned twitter account then I believe:

His name is: Dylan Davis
He lives in Upper Arlington, OH
He went to Pickerington Ridgeview Middleschool (8th grade) in 2015

I found this by cross referencing some twitter accounts and some googling...

 

[Michael M]

If this is the "perp" then he now is a Pitcher for Central Crossing Highschool in Grove City, OH.

If this person is not who took over Mike Berkens Twitter account then I do completely apologize. I am not accusing anyone of anything. I am only connecting dots from a twitter account that was posted here with their twitter friend names - which lead me to his participation in school sports and articles and pictures of him.

 

[Michael M]

@Media Branding - To confirm - you received a instant message from that username on twitter? Can you confirm the "hacker" used this other twitter account to contact you? If so then we can probably turn this info over to Michael Berkens/the authorities and let them sort it out.

(I'd imagine it wouldn't be too hard to find his parents and probably get this straightened out)

 

[Vito]

Thanks @Michael M

Here is an update, I keep trying to talk to this A-hole thinking eventually he would do the right thing but I guess there is no negotiating w/a friggen psychopath.There are hints of him being a rational person, then that gets wiped away. He is just toying w/me now.

 

[Vito]

Ya know, It is truly insane that Twitter has not gotten involved yet and given this account back to Mike and Rays control. 24 hours already!

Security/Support at Twitter is just a F-ing joke.

With our President using Twitter so much, you would think it is the safest social media site out there.
Definitely Not!

I am not a big social media guy but I did just start liking twitter. Finally was getting the hang of it and my feelings are now back to twitter sucks, since the support is non-existent.

 

[Michael M]

I'm trying to put a little pressure on the little guy myself right now. Maybe we will get lucky and he will relent.

From your side I would make sure to keep those screen shots proving he contacted you from the other account. In the least Berkens may be able to get a local sheriff to at the least follow up on a complaint and go out and pay a visit to him.

Of course all of that will be very useful for MB to have on hand to give to twitter as well.

 

[Michael M]

wow.. He just replied: "hhh yas im dylan

come to ohio for me"

 

[Michael M]

I believe I have found Dylan's mother on facebook and then in other locations. If Dylan is the "hacker" and the suspected mother can identify him from images from his twitter (which I have captured) - then we have a point of contact that might could assist in getting the twitter account back.

Anyone want the information to pursue? I do not want to post all this publicly.

 

[Silentptnr]

I've been chatting with this nutcase all morning. I might be close to getting the credentials. I'll know shortly.

 

[Silentptnr]

I made him change the pic back to D

 

[Vito]

I made him change the pic back to D

Very cool!

 

[phantasmagoria]

been using some of his text and putting them under quotes "" on google, goes back to some arabic kid, unless they all talk like that, using the HHHH constantly. There are only a few people that came up talking like that using the quotes. Example, "hhh yas im", or "hhhhh you are very funny", unless of course there is some trend where people write h's in front of whatever they are saying. /shrugs.

https://www.google.com/search?q="hh...y"&aqs=chrome..69i57&sourceid=chrome&ie=UTF-8

another one, guy talks with a bunch of h's
https://www.google.com/search?newwi......0...1c.1.64.psy-ab..0.0.0....0.iesRZ8cHUnM

 

[Michael M]

I think he is doing it for the attention much more than he is doing it for money.

Some people are just morons, I guess...

Hopefully the account gets back into the right hands, regardless.

 

[Abdullah Abdullah]

been using some of his text and putting them under quotes "" on google, goes back to some arabic kid, unless they all talk like that, using the HHHH constantly. There are only a few people that came up talking like that using the quotes. Example, "hhh yas im", or "hhhhh you are very funny", unless of course there is some trend where people write h's in front of whatever they are saying. /shrugs.

https://www.google.com/search?q="hh...y"&aqs=chrome..69i57&sourceid=chrome&ie=UTF-8

another one, guy talks with a bunch of h's
https://www.google.com/search?newwi......0...1c.1.64.psy-ab..0.0.0....0.iesRZ8cHUnM

Hhhh is used in many places and just means the person is laughing at whatever you are talking about or he is reading. Most of the time, it is also for being sarcastic ...like saying... hhhh
...yeah right .

I think it is very hard to find anyone in this way.

 

[TheWatcher]

@Media Branding you did your best to get this account for Mike but just a foolish attempt.
When you send bitcoin, it's over there is no way for you trace it back outside of USA. In USA, we provide more information beside username and password, other countries doesn't require this information for obvious reason, not to be trace.

If he/she can hacked twitter account I have no doubt he knew how to cloak his profile, pictures and logs too. Bitcoin payment is just icing on the cake.

The only way to sort this out is Twitter security team to cancel his access, be patient many of us already reported this security breach.

Reminder: We don't negotiate to these fools. Nothing will come out good.

 

[Michael M]

@Eric Lyon @Admin - If possible please remove the personal information from my posts in this thread as I probably shouldn't have shared that publicly.

In retrospect - It is always possible that account has been compromised as well...

Thanks!

 

[usernamex]

Great to see the progress and contributions here, hoping this will be resolved sooner than later.

Meanwhile - put an alert and link to the original thread to encourage people to keep reporting to twitter in my sig line - here is the code:

[B][COLOR=#ff0000]Help STOP the Hackers! [/COLOR]
[URL='https://www.namepros.com/threads/thedomains-twitter-has-been-hacked.1056355/']
[COLOR=#0059b3]namepros.com/threads/thedomains-twitter-has-been-hacked[/COLOR][/URL][/B]