
Someone stole your verified account on X.com (Twitter): what you can do

When your verified X.com account falls into the wrong hands, don't surrender to fate


If someone has stolen your verified "premium" account on X.com (formerly Twitter), you're not alone. In this article, we'll explore what steps you can take to regain control of your account and protect yourself from future hacks.

What to do if hackers have tricked you into transferring rights over your X.com (formerly Twitter) account to them

Imagine this: one day you want to log into your X.com (formerly twitter.com) account, but your password doesn't work. You try to reset your password, but find that your email address has been changed. You try to restore it with the phone number, but that has been replaced too. In an instant, you break out in a cold sweat: someone has stolen your verified account. Unfortunately, this is not a rare occurrence, especially now that X.com, under the leadership of Elon Musk, has abandoned some key security measures. But it was also your own fault, as you did not turn on two-factor authentication, which unfortunately doesn't always work as it should on X.com, so users often leave it off. For me personally, I tried it and found it didn't work as expected - I didn't receive an SMS, so I left it inactive. At the same time, users really do use overly naive passwords that are not complex enough. Those passwords often sit in libraries of stolen passwords on the dark web, without us users even being aware of it.

How someone stole your verified account on X.com

X.com has a major security flaw on its side. Account theft does not happen in one day, but gradually. On the first day, they change your email address, and after a week, your phone number. Personally, I am very surprised that there is no warning for the user or email notification that the email has been changed. A hacker probably does this by turning on two-factor authentication with their own phone number. He then changes the number, and you inadvertently help him by entering the verification code you received via SMS, as you are both logged into your account at the same time.

How a cyber attacker stole my verified x.com (formerly Twitter) account.

So my attacker was logged into my account at the same time. And when he started porting the number, I looked at the notification on my phone and entered the password I received via SMS. This presents an obvious security hole that allows easy account theft. So the account should be protected even when logging in with two-factor authentication. So the user just diligently waited for me to help him myself. Since I'm at the computer all day and I'm proactive with various notifications, I thought that the session had simply expired and that something needed to be restored.

If you don't have two-factor authentication enabled, it's much easier for someone to log into your account without you noticing. Someone logs in with your username and password, changes the email address on your account, and then a few days later the phone number. You receive an SMS with a request to enter a verification code at X.com. When you do this, you inadvertently transfer the account to another phone number. And so your account is no longer yours!
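
The sequence described above (a newly seen session changes the email address, then the phone number about a week later, while the owner's older session is still in use) can be flagged from an account audit log. This is an added example, not part of the original article and not X.com's code; the log format, event names and thresholds are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed audit events in a hypothetical format: time, account, session, action
SAMPLE_LOG = """\
2024-03-01T09:00:00 alice s-old login
2024-03-10T02:14:00 alice s-new login
2024-03-10T02:20:00 alice s-new email_changed
2024-03-12T08:30:00 alice s-old login
2024-03-17T11:05:00 alice s-new phone_changed
2024-03-02T10:00:00 bob s-1 login
2024-03-02T10:05:00 bob s-1 email_changed
2024-06-20T10:00:00 bob s-1 phone_changed
"""

WINDOW = timedelta(days=14)      # assumed: both recovery channels replaced this quickly
NEW_SESSION = timedelta(days=1)  # assumed: session this young when it changed the email

def parse(log):
    for line in log.splitlines():
        ts, account, session, action = line.split()
        yield datetime.fromisoformat(ts), account, session, action

def detect_recovery_rotation(log, window=WINDOW, new_session=NEW_SESSION):
    """Flag accounts whose email and phone were both replaced by a fresh session."""
    first_seen = {}    # (account, session) -> first timestamp seen
    email_change = {}  # account -> (timestamp, session) of the latest email change
    alerts = []
    for ts, account, session, action in sorted(parse(log)):
        first_seen.setdefault((account, session), ts)
        if action == "email_changed":
            email_change[account] = (ts, session)
        elif action == "phone_changed" and account in email_change:
            changed_at, changer = email_change[account]
            started = first_seen[(account, changer)]
            fast = ts - changed_at <= window           # phone followed email quickly
            fresh = changed_at - started <= new_session  # changer had just appeared
            older = any(a == account and s != changer and seen < started
                        for (a, s), seen in first_seen.items())  # owner session exists
            if fast and fresh and older:
                alerts.append((account, changer, ts.isoformat()))
    return alerts

if __name__ == "__main__":
    for account, session, when in detect_recovery_rotation(SAMPLE_LOG):
        print(f"ALERT {account}: session {session} replaced email and phone by {when}")
```

In the constructed log only alice is flagged: bob changes both contact details from his only session, months apart.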


Let's see what you can do if you find yourself in this unpleasant situation

  1. Act now - report the theft. The first step is to take immediate action. Acting quickly can minimize damage and increase the chances of successful account recovery. Personally, in this case, I reported the theft of the user's account to X.com within two hours of the phone number being changed on the account. X.com has an extremely poor way of reporting stolen accounts. Despite the fact that I am a verified user, I did not have the option of a better way, such as a normal online form, which does not require, for example, an identity document, phone number, etc., i.e. the possibility of user identification, which in principle would be the real purpose of paid verification and a Premium subscription: that you have the possibility to prove that an account is yours, that it has been stolen or misused, and that you really are the person you say you are. In the case of a stolen account, you actually have very little chance to fix things. But you can take action.
  2. Use the account recovery tools. X.com offers some very poor account recovery tools. If you have two-factor authentication (2FA) enabled, use backup codes (you have them in your email, or elsewhere if you saved them) or an authentication application to restore access. If your email address has been changed, try to restore your account via phone number. However, if the phone number has already been changed, which usually happens after the email address has been changed, then you have a serious problem.
  3. Check the security of other accounts. If your account has been stolen at X.com, there is a possibility that your other accounts are also compromised, most likely the many accounts where you may have used the same email and password. Check security settings and passwords on other platforms, especially if you use the same passwords. In any case, it is imperative that two-factor authentication is set up on all of them. But do all this only after you have thoroughly checked your computer and made sure it has no viruses. These often come in the form of Chrome add-ons (Chrome extensions), which is also why it is necessary to turn off all add-ons in Chrome: they mostly mean "Trojan doors" for stealing most credentials. Many times it is about past hacks. I found out myself that I left this password only on this account, and that it was exposed several times during the hacks themselves in the last 2 years.
  4. Extreme measures - how to prevent maximum damage
    • How to prevent damage and terminate or recover your stolen account. Next, open a new user account on X.com (formerly Twitter) from a secure, scanned computer, using a verified and protected new or work email. Then create a premium account. The big problem is that you can't get verified in the first 30 days, which is when it matters most. But still, you will be verified in a way, as the payer of the services.
    • Then ask your friends who are verified to report your account as stolen or as run by someone who is not you. In your eyes, this is now an account that you do not have access to, and you need to prevent anyone from posting with it. Verified users still have the power to limit a certain account or to make administrators pay attention to it, so that it is at least temporarily blocked. You should no longer treat this account as yours; it is someone else's account. X.com has no safeguards, so you must safeguard your reputation.
    • Report the account as one that is posting in your name. The account is no longer under your control; all you can do is notify X.com that it is no longer under your control, so that X.com limits the operation of the account and either contacts you or assigns control over the account to you.
  5. Increase the security of your account. When (if) you regain access to your account, immediately change your password and enable all available security features, including two-factor authentication. Use passwords that are long and contain a combination of letters, numbers, and special characters.
  6. Check your security settings regularly. Staying safe online is not a one-time process. Regularly check and update security settings on X.com and other platforms. Consider using a password manager to create and store strong passwords. At the same time, check whether your passwords on various online stores and applications have been compromised in the past.
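
One way to do the breach check from step 6 without revealing the password to the checking service is a k-anonymity range query, as offered by the public Pwned Passwords API (a service the article does not name; choosing it here is an assumption). This is an added example, not from the original article; the sample password, filler rows and count are constructed so the check also runs offline.

```python
import hashlib
import urllib.request

def split_hash(password):
    """SHA-1 the password; only the first 5 hex characters are ever sent out."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def breach_count(password, fetch_range):
    """Return how often the password appears in the breach corpus (0 = not found).

    fetch_range(prefix) returns the range response: one 'SUFFIX:COUNT' per line.
    """
    prefix, suffix = split_hash(password)
    for line in fetch_range(prefix).splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix and count.isdigit():
            return int(count)  # padded responses carry decoy rows with count 0
    return 0

def fetch_from_pwned_passwords(prefix):
    """Live lookup (network required); the service sees only the 5-char prefix."""
    request = urllib.request.Request(
        f"https://api.pwnedpasswords.com/range/{prefix}",
        headers={"Add-Padding": "true", "User-Agent": "breach-check-example"},
    )
    with urllib.request.urlopen(request, timeout=10) as response:
        return response.read().decode("utf-8")

def constructed_range(prefix):
    """Offline stand-in: a constructed response holding one 'breached' suffix."""
    leaked_prefix, leaked_suffix = split_hash("Summer2023!")  # constructed sample
    rows = ["0" * 35 + ":0", "F" * 35 + ":12"]                # constructed filler
    if prefix == leaked_prefix:
        rows.insert(1, f"{leaked_suffix}:4871")               # constructed count
    return "\r\n".join(rows)

if __name__ == "__main__":
    for candidate in ("Summer2023!", "kiln-otter-92-violet-marsh"):
        print(candidate, "->", breach_count(candidate, constructed_range))
```

Pass `fetch_from_pwned_passwords` instead of `constructed_range` to query the live service; any count above zero means the password should be replaced everywhere it is used.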
Conclusion: Theft of a verified account on X.com can be a scary experience, and it is very possible, but by taking the right steps you can regain control and improve safety. Remember that prevention is better than cure - update your security settings regularly and be alert for any signs of intrusion. Good luck!
