top | item 32719030

(no title)

ff7c11 | 3 years ago

I don't believe the kids behind this Twitter account. I don't know why they're doing it exactly, probably some form of clout or to scam buyers on darknet marketplaces, but I know that many of their screenshots are faked. I know people at one of the companies they claimed to have hacked - they posted a Ruby on Rails directory structure as proof of hacking them but the company does not have Ruby code. So I would not trust any of their tweets.

discuss

richbell|3 years ago

I don't trust them (AgainstTheWest, not Troy Hunt) either — and frankly I'm surprised to see that they're still active.

Earlier this year they claimed to have discovered an NGINX 0-day RCE and tested it against a Canadian bank. Not only was it a big nothing-burger, but they ended up purging their Telegram channel aftwards with claims of infighting (screenshots for posterity: https://imgur.com/a/5AThvTv).

ajsfoux234|3 years ago

The original submission link was https://twitter.com/AggressiveCurl/status/156616119824850944... , it was changed since this comment was posted

charles_kaw|3 years ago

> they posted a Ruby on Rails directory structure as proof of hacking them but the company does not have Ruby code

I think it's extremely suspicious, but often times breaches like this aren't through the core platform itself. For example, Equifax was a support site that was hosted and built separately from their main platform.

This whole thing does smell like BS to me, though as well.

rvz|3 years ago

The TikTok breach is completely real. [0] Despite the hilarious denial spirals in the comment section.

You don't need to wait for Troy Hunt to tell you otherwise, even he is not always correct.

[0] https://twitter.com/MayhemDayOne/status/1566748988770066435

unknown|3 years ago

[deleted]