"A Coordinated Takedown Targets 'OGUser' Account Thieves"
Instagram, TikTok, and Twitter have taken action against the hacker community called OGUsers, in which members buy and sell stolen social media accounts. Hackers affiliated with OGUsers were allegedly behind the attack faced by Twitter last year that resulted in the temporary takeover of several accounts belonging to well-known figures and companies, including Jeff Bezos, Uber, and Apple. In a coordinated effort to crack down on OGUsers account takeovers, TikTok, Twitter, Instagram are seizing stolen accounts. The coordinated actions also involve sending cease and desist letters to the most active members of the OGUsers account theft operation. In addition to compromising accounts to steal credentials, skilled OGUsers hackers have performed sophisticated phishing attacks and made attempts to extort customer service employees and IT technicians at high-value companies into providing bulk access to more accounts. With bulk access, OGUsers have performed SIM-swapping attacks to take control of a target's phone number, thus giving them the ability to request password resets for some websites or a victim's two-factor authentication code. Twitter announced that it recently banned a number of accounts tied to OGUsers activity. TikTok reclaimed usernames being used for account squatting. This article continues to discuss the OGUsers hacker community and the coordinated action to take down OGUser account thieves.
Wired reports "A Coordinated Takedown Targets 'OGUser' Account Thieves"