I changed the title from "Abandoned Tweet Counter Hijacked With Malicious Script" because the interesting thing to me was the attack vector being the recycling of the S3 bucket name. Of course the same thing could have happened with an abandoned domain name.