A Chat with MrChikri via Celebrity’s Hacked Twitter Account

NOTE: The following article was first published on the now-defunct EduTechGuys WordPress site. The text was recovered from the WayBackMachine on the Internet Archive. Most of the embedded images are lost because Archive.org does not preserve images over certain file sizes. I am posting here so I have an accessible copy of it. Any red boxes in the posted images were added by me to protect personal information.

A Chat with MrChikri via Celebrity’s Hacked Twitter Account
by David | Nov 9, 2016 | General Education, Interview, Quick Tip | 0 comments

While following my Twitter feed earlier today, I saw a post from Dave Coulier (yes, as in “Uncle Joey” from “Full/Fuller House”) saying that he had some important news. I responded, not sure I qualified as a “News Reporter.” The account responded, letting me know they had hacked the account and wanted to talk about how they did it and what people can do to protect their accounts.

I struck up a conversation with a user going by the name of “MrChikri.” MrChikri said he was from London.

What follows is the transcript of that conversation (Note: all spellings, grammar, etc are left in tact from the transcript):

davidinark: So, you hacked a celebrity account and I reached out in reply (honestly not realizing it had been hacked). Can we talk about HOW you managed to hack the account, and then, more importantly, how do celebrities (and anyone else) protect themselves from being hacked?

After several moments of waiting, little dots began pulsing on the screen as MrChikri typed out an answer. The response came a full 7 minutes after my initial questions.

MrChikri: hackers that hack celebrities social media accounts are all using the same method, anyone can use this method to hack celebrities even you. all it takes is access to one website called http://leakedsource.com  and money for a subscription.

MrChikri: when big sites like linkedin, myspace etc gets hacked http://leakedsource.com  gets the database of the site and in the database it includes passwords,emails,usernames

MrChikri: i searched daves email on leakedsource and it gave me a list of sites that the email has been registred to

MrChikri: i have a subscription on leakedsource so let me show you a screenshot of how it can look like when getting the password.

davidinark: Ok, what does that look like?

MrChikri: even if you dont have a subscription on leakedsource you can still search emails,usernames but you won’t be able to see the info on it

davidinark: Feel free to block out passwords, etc.

MrChikri then posted the following image (note, all red boxes were added by me, davidinark):

(IMAGE NOT PRESERVED)

MrChikri: here is dave, myspace got hacked 2013 and over 360M passwords were leaked and as you can see daves was one of them

davidinark: Wow!

MrChikri: if you have a subscription this is how it will look like:

(IMAGE NOT PRESERVED)

davidinark: So, this means that Dave hadn’t updated his password since at least 2013!?

MrChikri: yes sir

MrChikri: most celebs use same passwords on all social media

MrChikri: i managed to get into daves instagram account with 500K followers

MrChikri: because he have been using the same passwords for his social media wich is very bad to do

davidinark: Yoy. Yes, that is VERY bad thing to do. I can only suppose that people get relaxed and assume everything is safe. They leave their passwords the same for years and never realize how exposed they have made themselves.

MrChikri: people like kylie jenner, katy perry, drake etc have been hacked using this method.

MrChikri: my tip is just change your password every month and don’t use same passwords on same social medias, also make sure you enable “Login Verification” on twitter and “2 Step verification on your emails” and “2 Factor Authentication” on your instagram

davidinark: I have to ask what keeps you from doing bad things on their accounts? Why are you willing to expose the problem and talk about it rather than cause absolute havoc, as many hackers would normally be apt to do?

davidinark: Your advice is spot on! I hope you are able to communicate that to the celebrities and others who AREN’T updating/changing their info!

MrChikri: well tbh i tweet crazy stuff to it just depends who the person is,

davidinark: Haha, nothing malicious, just crazy, eh?

MrChikri: i mainly hack accounts just to promote my instagram & snapchat, never my twitter cause i just got suspended today thats why im dming you off this one

davidinark: I assumed this was a burner account. 🙂

MrChikri: instagram is very easy to hack though you won’t belive it

MrChikri: lol

MrChikri: you heard about One Direction?

davidinark: Getting hacked? No. What happened there?

MrChikri: instagram should patch this way to hack accs cause this is just (ridiculous)

MrChikri: all you have to do is this

MrChikri: google “instagram report hacked account” and go to that link, https://www.facebook.com/help/instagram/contact/740949042640030 … and this should come up

MrChikri: so then u just put ur username and etc

MrChikri: 5-10 mins after you will recieve an email saying this

(IMAGE NOT PRESERVED)

MrChikri: so this might seem hard but it is very simple, i putted in @twhiddleston ‘s instagram account to get into it, and then googled “Tom hiddleston holding a paper”

MrChikri: i found this and it matches the instagram email that they want me to do

MrChikri: then i just photoshopped the picture as you can see it does look legit

MrChikri: i sent that pic to them and after 17 hours i got this email

(IMAGE NOT PRESERVED)

davidinark: Very legit! (In response to the “legit” comment above)

MrChikri: they gave me a link to reset the password and then i got into his account

MrChikri: this is how dumb instagram is!

davidinark: Yeah, I can see where that wouldn’t be hard to do at all. So, how would someone stop that from happening to themselves?

MrChikri: if you go into your instagram settings and scroll down til you see “Two-Factor Authentication” and enable that, do you know what that is?

davidinark: Yeap! (**See below)

MrChikri: yes that’s what you need to do enable that, but i know a way to bypass that

MrChikri: i can only bypass it on instagram

davidinark: Definitely need that enabled on any accounts that offer it.

davidinark: I appreciate you taking the time to explain how it is done, but even more that you are interested in helping folks PREVENT it in the first place.

MrChikri: there is one more thing i need to say about twitter hacking. On twitter someone hacks you, you’re first changing the password right and then think that the hacker got logged out of the acc cause you changed the pass

davidinark: Right…

MrChikri: but when changing a twitter password you need to goto “Apps connected” and revoke every device from the account

MrChikri: then the hacker gets logged out

MrChikri: now dave got his account back but he only changed his password, i still have access to his twitter…

davidinark: Ah! Yeah, I bet most folks don’t know about that or even think about that!

MrChikri: literally no one that i’ve hacked does that lol

davidinark: Well, I am glad I reached out to Dave’s (er, your) tweet. Thank you for sharing HOW the accounts get hacked and how folks can PREVENT it from happening in the future.

I then asked MrChikri to look up my account information in the system to see if I was in there. I was. Luckily, the information turned out to be stale (old), but MrChikri’s advice is spot-on: Change the info anyway!

**NOTE: Two-Factor Authorization is a security measure in which verification takes place using TWO forms of ID. This usually entails using a cell phone number that receives a text with a special code to be entered for verification. The user gets a text from the site. If everything is on the up-and-up, the user enters that code on the site. If a user gets a request to enter the code but they never asked for the code, someone is trying to hack the account.

Reset TCM 2014 Ford Focus Transmission

If your 2014 Ford Focus is shifting hard or seems to have an erratic transmission, these steps may fix the issue. We ran into this after replacing the TCM in my mother's Focus.

1. Run the car and set trans to neutral.

2. Turn off and wait 15 seconds.

3. Shift to Park.

4. Turn the ignition on (Not running), wait 15 seconds

5. Turn to off, then ignition on (not running)

6. Shift to neutral (you may have to press the brake to do so)

If successful you should see "Transmission Ready" on your dash.

I have done the above method successfully on my mother’s car. Lasted about 9 months or so (we can’t remember when it was done).

Possible alternate method:

Turn off car

Turn ignition to ON (do not start)

Press gas pedal to floor and hold for 10 seconds

Turn off car

Release gas pedal

Wait 2 minutes

Start car and drive, slowly accelerating through each gear and the slow down to cycle back through gears.

I have done the above on my mother’s car when the transmission started acting up again. Don’t know how long this will last.

The Goodbye Letter: Compute!'s Gazette 1995

Gazette masthead, recreated by David Henderson

 While falling down the rabbit hole that is nostalgia-induced Internet diving, I came across an archive of every issue of COMPUTE!'s Gazette ever published. I read through the very first issue. It brought back a flood of memories from my childhood - the ads, the "new" technology, the type-in programs. 

I skimmed through a few other issues before jumping down to the FINAL issue ever produced. The magazine ran from 1983 through 1995. The last set of issues were fully disk-based. And on that lest Gazette disk, I found a heartfelt letter that announced the end of the magazine's publication.

I am posting it here for your perusal and for posterity. 

 Gazette, February 1995

64/128 VIEW: Time to Say Goodbye

By Tom Netsel

In July of 1983, a new magazine devoted to the Commodore VIC--20 and the Commodore 64 hit the newsstands. Founded by Robert Lock and edited by Thomas Half hill, that magazine was called COMPUTE!’s Gazette. After almost 12 years, numerous editors, and several changes in format, Gazette ceases publication with this issue. This is the last Gazette. 

When Gazette started, Commodore was selling more than 100,000 VIC-20s and 64s each month. Dozens of software suppliers were rushing products to this rapidly growing market. The initial press run for Gazette was 175,000 copies, up from an originally planned 75,000. And all this was at a time before the 64 itself really took off to become the most popular home computer ever built, selling more than 14 million worldwide.

If you look back at that first issue, you'll notice that Fred D'Ignazio had a column that was called "Computing for Kids." Jim Butterfield’s name appeared on the masthead as an associate editor. You'll find their final columns in this issue.

Larry Cotton is another long time contributor. His "Beginner BASIC" column has been a regular feature for many years.

A few years ago, I was looking for someone to write a GEOS column. It had been an on and off feature in Gazette, but readership surveys told me that there was considerable interest in this operating system from Berkeley Softworks. I went searching for someone to write a monthly column. I'll have to thank Robert Nellist for recommending Steve Vander Ark for the job. Robert and Steve had been corresponding for some time about GEOS, and he suggested I get in touch with Steve. I did and Steve agreed to supply Gazette with a column each month.

Sometime later, I wanted a column to pay tribute to the great work being done by programmers who offered their work as public domain. Steve volunteered to do it and added "PD Picks" to his busy schedule. It was about that time that Robert wrote me a letter complaining in a good natured fashion that while Gazette had gained a columnist in Steve, Robert had lost a pen pal.

The junior member of the Gazette columnists is David Pankhursto The author of fantastic spreadsheets, Calc and Calc II, David took over the reins of "Programmer's Page" a little more than a year ago. Each month he has supplied a number of good programming tips from his own library and from those submitted by our readers.

I'd like to thank all these gentlemen for their great contributions to Gazette, without their help, this magazine couldn't have lasted a fraction of the time it did.

Last, but by no means least, I want to thank all of you readers who have submitted programs to Gazette over the years. My biggest regret is that I still have so many good programs here that I'll never be able to publish. My budget allowed me to buy only so many each month and I still have almost 30 submissions still in my Pending basket. Gazette had a number of staff programmers in its early days, but it has been our readers who have supplied the bulk of the programs that we've published over the years. To all of you who have submitted a program, I offer you my thanks. Without your submissions, this magazine would have folded years ago.

Gazette's closing follows shortly on the heels of COMPUTE's demise, but it is for totally different reasons. COMPUTE was bought and closed because a competitor didn't want the competition and was hoping to convert those subscribers to its publications. Gazette is closing simply because there aren't enough Commodore enthusiasts subscribing to make Gazette profitable.

So what's going to happen to your subscriptions? You'll have one of three options, but as I write this the week before Christmas, I don't know all the details as yet„ We are talking with other publishing companies that may have an interest in taking on our outstanding subscriber liability. If one of these companies takes over, then you will be offered a Commodore-related publication equal in value to the number of Gazette issues yet unmailed.

The other option is that you may elect to take the remainder of your subscription out in Gazette disk products. The specialty disks that we offer, such as SpeedScript and the GEOS Collection, are examples.

The final option is to simply request a refund of the remainder of your subscription. Each unmailed issue is worth approximately $2.50. 

As I said, negotiations have just started and I don't know what the outcome will be. You will be contacted shortly with an explanation of your options. I'm sure some of you will be getting letters asking you to renew your Gazette subscriptions. These mailings are scheduled months in advance and some undoubtedly will be mailed out after I write this. Please ignore them.

Normally, publications close and readers learn about it after the fact. With Gazette being on dii»k and having a short production time, I was able to convince the powers that be to give me this final issue in order to say good. bye. As I said, I don't yet have all the answers but I was at least able to offer some word of explanation as to why you won't be getting any more Gazette's after this one.

COMPUTE Publications will still be around, but involved with online publishing. COMPUTE Online has been on America Online for 18 months and it will continue, but with a new name. Starting in February, it will be called I-Wire. It will also be on the Internet with a world wide web home page. I have been the online editor during this time and I will continue with my duties there and as editor of Saturday Review Online.

Once again, thank you for your support over the years. Keep those 64s and 128s humming. It's been a pleasure. 

Gazette, February 1995

Force Apple Captive Portal Login

 If you try attaching to a guest wi-fi with an active portal that doesn't seem to want to trigger, try this:

http://captive.apple.com/hotspot-detect.html

Hope this helps!

Acer TravelMate Disable Secure Boot

 I was working on an Acer TravelMate that would NOT let me install Windows 8 or Windows 10. Turns out, the SECURE BOOT option was ENABLED and that was the culprit. Unfortunately, the BIOS would not let me select the Secure Boot option to change it. Turns out, there is a VERY easy fix:

Set the "Supervisor Password" in the BIOS to remove the greying out (there is a total of five different kinds of password in some of the BIOSes):

Hold down F2 during startup of the laptop to enter the BIOS.

Select menu "Security" using the arrow keys.

Select "Supervisor Password" using the arrow keys.

Press Enter to get the dialog for setting the password.

Type in a password and Enter.

Retype in a password and Enter.

Remember the password somehow! You will be prompted for it the next time you try to enter the BIOS.

Press Enter to dismiss the dialog.

Select "Boot" using the right arrow key.

"Enabled" for "Secure Boot" is no longer greyed out (and can be changed to "Disabled")!

Optional: Set the "Supervisor Password" back to empty.

Select menu "Exit" and menu item "Exit Saving Changes" using the arrow keys. Press Enter for "Yes" in the prompt.

This came from a forum post and I decided to post it here in case that post should disappear: : https://askubuntu.com/a/1001155