hacks

JEAN MACHINE

An image of two masked hackers from the Simpsons episode Lisa the Boy Scout.

Simpsons showrunner Al Jean’s Twitter account was hijacked last night by a nefarious cyberscoundrel or perhaps a rogue nation-state. The verified account was edited to impersonate Art Blocks, an NFT art project that has sold millions. Here’s a screenshot of what it looked like earlier, courtesy of comedian Friz Frizzle:

A screenshot of Al Jean's Twitter account impersonating an NFT account.

When contacted outside of Twitter, Jean confirmed the hijacking, saying “I got a text notification and it was gone,” and urged people to update their passwords.

The impostor Al Jean retweeted several artists involved with Art Blocks and the actual Art Blocks Twitter account, before announcing that a collection of digital squiggles by the artist “Snowfro” was now live. Eventually the avatar was removed, the display name was changed back to “Al Jean,” and the account was turned private. The account follows me, so I’m still able to see the impostor’s tweets, which as of this writing have yet to be deleted.

A screenshot of a tweet shilling an NFT collection.

The sudden shift in Jean’s posting style from hyping upcoming episodes to hawking crypto art did not go unnoticed. Former showrunner Bill Oakley quoted a tweet about it and added “what the hell.” “al jean got h4cked by some nft shitheads :/” tweeted Spiker Monster, a fanartist who recently had his designs featured in a couch gag. Others have noted that there doesn’t appear to be an easy way to report a hijacked account to Twitter.

We’ve had some fun with Al Jean’s tweeting in the past, but he’s a nice guy who regularly engages with fans and shares peeks at upcoming Simpsons stuff, so it’s dismaying to see him join the 37% of Americans who have had their social media profiles hacked (at least according to NordVPN).

Unfortunately, this might be the worst possible time to get hacked on Twitter (well, not that there’s a good time, mind you) as things appear to be chaotic at the social media giantess. Newly minted conquistador Elon Musk is said to be firing 50% of the company’s employees very soon, which presumably includes people on the security team. Furthermore, Musk plans to start charging famous people and organizations for the blue checkmark symbol that indicates their accounts have been verified as being the genuine article, which has already led to phishing campaigns. Non-notable people who pony up $8 a month for a Twitter Blue subscription plan will also get the coveted blue checkmark without the hassle of getting their identities authenticated, which defeats the original purpose of the checkmark and will almost certainly sow more confusion and impersonation scams down the line.

Luckily for Jean, Musk guest starred in a Simpsons episode back in 2015, so maybe he can get ahold of him directly.

ROCK BOTTOM

In an episode aired in early 2003, Homer’s e-mail address is revealed to be Chunkylover53@aol.com. E-mails sent to that address would receive a response from “Homer,” which was actually written by writer Matt Selman (see some of the responses here). That account has remained largely dormant until recently, when it resurfaced on AIM to spread malware to those who had added “Homer” to their buddy list:

Since then, the screen name has been inactive, until a few days ago when Chunkylover53’s “Away” message appeared, prompting people to click on a link and run an executable in order to see “a *new* Internet-only exclusive Simpson’s episode.”

Of course, the file doesn’t show a Simpsons video. It infects the machine with a Trojan that throws up error messages, crashes the computer when attempting to open Windows Explorer and drops other nasty files onto the machine, making it part of what is believed to be a Turkish botnet, according to FaceTime, which secures IM, collaboration and Web apps for corporations.

The real question: why are Matt Selman and his Simpsons co-workers spreading viruses to their fans??? Developing… [CNET]