Quiz Entry - updated: 2026.07.14
Walk through the full attack chain of the Mat Honan hack. How did the attackers move from Twitter to Apple?
The chain: Twitter → Personal Website → Google → Amazon → Apple → total compromise.
* Each hop leaks the key for the next — a public Gmail address, then the Apple ID, then a credit card's last-4 — until the devices are wiped and the accounts seized. *
Step-by-step:
| Step | Action | Information Gained |
|---|---|---|
| 1 | Found @mat on Twitter, wanted the handle | Target identified |
| 2 | Twitter profile linked to his personal website | Found his Gmail address |
| 3 | Tried Gmail password reset → Google showed the recovery email: m••••n@me.com |
Identified his Apple ID (iCloud email) |
| 4 | Called Amazon support, asked to add a new credit card to the account | Social engineering — Amazon only required name, email, and billing address (all public) |
| 5 | Called Amazon again, asked to reset password using the new CC as verification | Got access to Amazon account |
| 6 | On Amazon, viewed saved credit cards → last 4 digits visible | Got last 4 digits of real credit card |
| 7 | Called Apple Tech Support with: name + email + billing address + last 4 CC digits | Apple issued a temporary password for his Apple ID |
| 8 | Used Apple ID to trigger Find My iPhone → remote wiped all devices | iPhone, iPad, MacBook all erased |
| 9 | Reset Gmail password via the Apple recovery email | Full access to Google account |
| 10 | Reset Twitter password via Gmail | Full access to Twitter — goal achieved |
The fundamental flaw: Information that one company considered non-sensitive (last 4 CC digits) was used by another company as an identity verification factor.