He leveraged a flaw in Zendesk to keep the account under his control
On Monday, we reported that the Twitter account of Westboro Baptist Church (WBC) spokeswoman Shirley Lynn Phelps-Roper (@DearShirley) was taken over by UGNazi hackers. Despite the fact that the attacker used the Cosmo nickname, most people believed that it was simply someone utilizing the name of the notorious hacker.However, according to Wired, that was actually Cosmo the God, the hacker sentenced to probation last month until he turns 21.
The reason why most believed that the hacker wasn't actually Cosmo was that the teen was banned from using a computer without supervision and for other purposes than education-related ones. This hack would clearly violate Cosmo's terms of probation.
Apparently, the hacktivist managed to keep the @DearShirley account under his control for over 24 hours by leveraging a vulnerability in Twitter’s Zendesk system.
By leveraging the flaw, Cosmo was able to close the account support tickets submitted by Shirley Lynn Phelps-Roper before they could reach Twitter representatives.
Over the past 48 hours, hacktivists from all over the US (and not only) have been busy taking down WBC websites and leaking sensitive details belonging to the organization’s members.
The attacks come after the WBC revealed its intentions to picket the Newtown funerals and after they’ve praised God for the shooter who killed several people.