Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Twitter account hacked. Show all posts

Twitter 400 Million User's Details Up for Sale

Recently, the threat actor, "Ryushi", allegedly reported having stolen data from Twitter, including details of some famous celebrities worldwide. He is demanding $200,000 (£166,000) to hand over the data back.

According to the data, the hacker stole email addresses, and phone numbers belonging to celebrities and politicians, however, the size of the hack has not been confirmed yet. 

The UK Information Commissioner's Office (ICO) reported, "We are engaged in dialogue with Twitter's data protection officer and will be making inquiries on this matter. The firm is also Co-operating with the Data Protection Commission of Ireland”. 

Following the appearance of the news, Ireland's Data Protection Commission (DPC) reported that “the agency will examine Twitter's compliance with data protection law in relation to that security issue". However, Twitter did not make any public statement about the hack. 

As per the Guardian,  the data of US Congresswoman Alexandria Ocasio-Cortez was included in the sample of data that was made public by the hacker. Also, the Twitter handle of broadcaster Piers Morgan was recently hacked and is also reported to be included in the sample. 

Only 60 emails out of the sample of 1,000 have been provided by the threat actor in the earlier incident, "so we are confident that this breach is different and significantly bigger", said the firm's chief technology officer, Alon Gal. "The hacker aims to sell the database through an escrow service that is offered on a cyber-crime forum. Typically this is only done for real offerings." 

The threat actor is well aware of how damaging data loss can be for platforms. The hacker in the online post demanding money for the stolen data, also warns Twitter that it is the best chance of avoiding a large data-protection hack. 

"The DPC has engaged with Twitter in this inquiry and will examine Twitter's compliance with data protection law in relation to that security issue," DPC further said. 

NASA Director Parimal Kopardekar Twitter Handle hacked

 

The Powerful Greek Army group has compromised the Twitter handle of NASA Director Parimal Kopardekar. A spokesperson from the organization said that they reached out to the group who hacked the handle to inquire as to why they targeted the director of NASA, the attackers denied any political motivation to be there behind the attack, saying that the security incident was merely for 'fun'. As per the attackers, Kopardekar was chosen on the basis of his 'professional association' with NASA. 

The director asked the group that how did they hack the handle and the group explained that they detected an exploit that allows them to take over Twitter accounts. They further told that they are hacking for fun to demonstrate that “that nobody is safe online.” 

After getting in touch with the hacker group, Paganini reported that the group had no intention of doing anything malicious with the NASA director’s handle and it could be concluded that it was merely an experiment to test security flaws.

In April 2020, the Powerful Greek Army group breached the Twitter handle of the vice-speakers of the Greek Parliament and KINAL MP, Odysseas Konstantinopoulosening. 

“Government we have warned you. Do not lie to your own people again” states one of the messages published by the compromised account, while in another message he posted, he said: “To clarify something. We do NOT have an issue with this one, with the one with whom we have a big issue is the government and its moves. Friendship”. 

The list of victims who have been attacked includes the Nigerian Ministry of Foreign Affairs and Ministry of Finance, Bank of Nigeria, Ministry of Defence Of Azerbaijan, and The National Bank of North Macedonia.

Parimal Kopardekar holds a senior position at NASA as the Air Transportation Systems and is a principal investigator for the Unmanned Aircraft Systems Traffic Management project at the NASA Ames Research Centre. 

Twitter Hack: Three Arrested in the Bitcoin Scam


Graham Clark, a resident of Tampa Florida has been arrested under charges of being involved in July’s Twitter hack that targeted the handles of famous personalities including the CEO of SpaceX and Tesla Inc., Elon Musk, and former President of the US Barack Obama, to name a few. The other two suspects arrested by Californian authorities are Nima “Rolex” Fazeli of Orlando and Mason “Chaewon” Sheppard from Bognor Regis, U.K.

The alleged three ran a scheme under which they hijacked the twitter accounts of various public figures and posted tweets advertising a bitcoin scam from these high-profile accounts. In order to acquire access to internal support tools and these Twitter accounts, Clark compromised a Twitter employee and made use of his credentials. After gaining access to 130 accounts belonging to politicians and celebrities, he tweeted Bitcoin scam messages from 45 and accessed direct messages inbox of 36 of them and stopped with downloading the Twitter Data for a total of 7 accounts. Reportedly, the three cybercriminals involved made a profit worth $120,000 worth of bitcoins as a result of the scam.

Among the affected accounts were Amazon’s founder, Jeff Bezos, Microsoft’s CEO Bill Gates, Kim Kardashian West and Joe Biden.

According to operation led by the FBI in collaboration with the Secret Service and IRS, 17-year-old, Graham Clark is identified as the mastermind of the sophisticated incident; the teenager is just a high-school graduate who will be prosecuted by Hillsborough State authorities.

Bearing charges of conspiracy to commit wire fraud and money laundering, aiding the mastermind in orchestrating the attack, Sheppard is subjected to 45 years of imprisonment as the maximum penalty.

In a related video news conference, State Attorney, Warren said, "I want to congratulate our federal law enforcement partners, the US Attorney’s Office for the Northern District of California, the FBI, the IRS, the US Secret Service, and the Florida Department of Law enforcement. These partners worked extremely quickly to investigate and identify the perpetrators of this sophisticated and extensive fraud."

"This defendant lives here in Tampa, he committed the crimes here, and he’ll be prosecuted here,"

"The State Attorney's Office is handling this prosecution rather than federal prosecutors because Florida law allows for us greater flexibility to charge a minor as an adult in a financial fraud case like this." He added.

Meanwhile, in the regard, Twitter said "We appreciate the swift actions of law enforcement in this investigation and will continue to cooperate as the case progresses.

"For our part, we are focused on being transparent and providing updates regularly."

Bengaluru's Police Accounts Hacked: Culprits changed Twitter ID’s



BENGALURU: In the last four days, five of Bengaluru’s Traffic Police Twitter accounts have been cracked where the hacker alleged access to the accounts, posting spams and changing their usernames.

While the police exhort about strengthening cyber security and the need to use strong unique passwords to safeguard online accounts, their own accounts are being hacked by simple password guessing techniques.

Jayanagar Traffic Police was the first account to be hacked at around 10 pm on Friday, followed by ACP South East Division and soon KR Puram, Shivajinagar and Airport traffic police twitter accounts too were hacked by Sunday.

This is not the first time when Bengaluru’s traffic police have been made a victim of cyber crime - Elliot Alderson, a French based hacker broke into the city’s traffic police website in march this year exposing directories. Even other government sites are not well protected, the Aeronautical Development Agency’s (ADA) TRACES account of the Income Tax Department was hacked with impunity with the culprit still unidentified.

Though, in this case, the culprits simply second-guessed common passwords. A man called up various traffic police stations, claiming to be from the IT Department and asked account details and passwords to reset them. It is suspected that one of the staff members fell for the con and shared the password.

The black hat tried the password on other accounts and voila, it worked!

After breaching their twitter handles, the miscreants posted spam messages from these accounts and changed their usernames resulting in Shivnagar Traffic police handle being renamed as ‘SHIVAJINAGAR CINEMA’ and KR Puram became ‘KR PURAM T BOLIWOOD’.

These consequences could have been avoided by quick thinking and strong passwords. Cyber security experts repeatedly identify the use of strong, unique passwords so that malicious cyber threats can’t find or guess your password. SplashData, a password security company estimates that approximately 10% of individuals used at least one of the 25 worst passwords on this year's list, and approximately 3% used the worst — 123456.

Additional commissioner of police (traffic) BR Ravikanthe Gowda said they have filed a complaint with city cyber crime police and told officials to immediately change passwords to secure their accounts (quoting TOI). They also reported the hacking to twitter awaiting a response.

An officer said they are unable to take back control of their accounts on grounds of lack of trained men for the job.

Bengaluru has only one cyber crime police station with a tally of 8,200 cases this year, though to open more of these has been repeatedly proposed to no effect.

Hackers attacked Russian Prime Minister Dmitry Medvedev's Twitter


Source: RT
Unknown hacked the page of Russian Prime Minister Dmitry Medvedev on Twitter. They posted on the Twitter page meaningless letters and words in response to the message of the Iraqi Ambassador in Moscow.

The hacking of the Russian Prime Minister's Twitter page was recorded on 12 June. The Press Service of the Cabinet of Ministers said that currently control over the account is restored.

We are talking about the English version of the account @MedvedevRussiaE. Mysterious messages on Medvedev's Twitter appeared in response to the message of the Ambassador of Iraq in Moscow Haidar Mansur Hadi. He posted few photos from the ceremonial reception of Heads of diplomatic missions in the Kremlin on the occasion of Day of Russia. The answer to him was an incomprehensible phrase written in Latin letters, from which only one word “cucumber” is understandable.

Some users of social networks suggested that in such an unusual way Dmitry Medvedev decided to congratulate the Ambassador on Russia's holiday. However, the second phrase was no less mysterious “Hop cc very very hubby cheers cheers her very vav chi hi”. After this comment, users decided that the English-language Twitter account of the Prime Minister was attacked by hackers. Shortly after publication, both messages were deleted.

Currently, on June 12, the account @MedvedevRussiaE contains congratulation on the Day of Russia.

Earlier, Medvedev's Twitter was hacked in August 2014. Then, in the Twitter account of Dmitry Medvedev, there were ports of his resignation, as well as criticism of colleagues in the Government. The motive for the resignation was based on the fact that the Prime Minister was allegedly ashamed of the Government's actions. In a short time, records on behalf of the Prime Minister scored thousands of retweets, and the Media began to publish screenshots of the hacked page. Subsequently, the Press Service of the Government reported that the account was hacked.

It should be noted that Medvedev started a Twitter account long ago when he was the President of Russia. During a trip to the United States in 2010, Medvedev visited Apple Headquarters and received an iPhone 4 from Steve Jobs as a gift. He also visited Twitter Headquarters, where he created an account and wrote his first tweet. The Russian-language Twitter account of Medvedev has 4.84 million subscribers, the English version has 1.04 million.

Katie Hopkins’ twitter account hacked, hackers threaten to post her sex tape

Photo Courtesy: The Independent 

A famous television personality and a columnist Katie Olivia Hopkins’ twitter account has been hacked this morning with tweets promising a link to a sex tape.

The hacker had posted tweets on her account like "Awell looks a like Katie Hopkins been sneak dissin too much ere", "New sex tape by katie hopkins in her email - 200 rts and we'll post the link", "Thanks for 200 retweets fam! Here's the sex tape link" along with changing her profile picture and twitter handle.

Today, the picture of Hopkins looks like a lady showing her double chins and her twitter handle changed to "jiggly jaws katie".

However, the hacker has removed the previous tweets from the account of the former Celebrity Big Brother contestant.

According to the news reports, the hackers posted a link and a video featuring an overweight man engaging in a solo sex act.

Now her account is called jiggly jaws Katie and is linked to porn sites.

Along with Hopkins, S Club 7 singer Hannah Spearritt’s twitter accounts was hacked this morning.

The cops have claimed that the hackers behind the leak of more than 100 private images of celebrities in various states of undress on imageboard 4chan on August 31 last year, the leak dubbed “The Fappening”, might have hacked the account of these two celebrities.

According to a news report published on Mirror, they contacted Katie's agent who replied: "Many thanks - we are dealing with it - cheers."

Syrian Electronic Army hacks 4 Wall Street Journal twitter accounts


Wall Street Journal was caught in the crossfire between the Syrian Electronic Army and Ira Winkler who is the CEO of security firm Secure Mentem.

The Syrian Electronic Army(SEA) hijacked four twitter accounts belong to WSJ : @WSJD,  WSJ Europe(@WSJPEurope), WSJ Africa(@WSJAfrica) and WSJ Vintage(@WSJVintage).

SEA posted the message "@Irawinkler is a cockroach" with a picture of Ira Winkler's head on the body of a cockroach.

The attack was carried out in response to a RSA Conference presentation in which Winkler talked about the hacking methods of the SEA and made fun of them.

In his presentation, Winkler also commented that "these people are like cockroaches of the Internet".

This is not the first attack carried out by SEA in response to this presentation.  Last month, the group also defaced the RSA Conference website and said "If there is a cockroach in the internet, it would be definitely you "

Wall Street Journal seems to have recovered the hijacked twitter accounts posted in twitter "We have secured our compromised Twitter accounts and they are now functioning normally."

British National Party's Twitter account and website hacked by Anonymous


A Hacker appears to affiliated with Anonymous hacktivists has hijacked the official twitter account of British National Party(BNP) and started to post anti-government and hateful messages.


The hacker also managed to deface one of the subdomains of BNP(British National Party Twitter account hacked by Anonymous ).  The defacement message simply says "Hacked by Anon_0x03, [redacted] the Government!"

When an user asked about the motive of the attack, the hacker simply replied that BNP is a random target.

"I'm not even from GB." the tweet posted from hacked BNP account(@BNP) reads.

It appears hackers have access to the account for more than 20 hours.  But, No one from BNP have noticed.  The recent tweet says "damn racist".

At the time of writing, the hacker has still access to the BNP twitter account and the subdomain is still defaced.

Justin Bieber Twitter account hacked, malicious url tweeted


Justin Bieber official twitter account which has more than 50 million followers has been hijacked by attackers to spread spam links from the account.

The attacker posted a tweet saying "Justin Bieber Cemberut? [Malicious link] " ( Cemberut is Indonesian word, it means  'Sullen').

The shortened link provided in the tweet leads to a .tk domain 'rumahfollowers[.]tk'.  At the time of writing, we are not able to access the site.  So, we are not able to determine exactly what has been delivered to users.

More than 13k users have favorited the spam tweets and over 7,000 users have re-tweeted them.  It means thousands of users might have followed the link and affected by this spam.

It is worth to note that this is not the first time his account being hijacked by attackers.  We are not sure how this time the account get compromised by the attacker. 

His team managed to recover the account and posted saying " all good now, we handled it".

Dubai Police's Twitter and other Social media accounts hacked by @TheHorsemenLulz

A hacker identified as @TheHorsemenLulz attacked Dubai Police's official Social media accounts including verified Twitter account with 258k followers.

"Dubai Police is spying on you, Isn’t it fair that we the people do the same back? hacked by @TheHorsemenLulz," message posted in the hijacked twitter account reads.

Hacker posted a number of screenshots in his twitter account, it shows that he also hijacked other social media accounts : Pinterest, Linkedin and Tumblr.

Dubai Police have regained access to their twitter account and the tweets posted by hacker have been removed from the feeds.

It appears the hacker has ddosed several websites including Central Bank of the United Arab Emirates, UAE Computer Emergency Response Team and Emirates Integrated Telecommunications Company.

CNN Twitter account and blog hacked by Syrian Electronic Army


Fake article posted by Syrian electronic Army

Just few hours ago, Syrian Electronic Army hijacked the official twitter account of CNN and started to posted series of tweets.

Hackers mentioned the hack is part of retaliation against CNN for "viciously lying reporting aimed at prolonging the suffering in #Syria."

"#CNN used its usual formula of present unverifiable information as truth, adopting a report by Qataris against #Syria." one of the tweets posted by hacker reads.

The group appears to have compromised the main twitter account @CNN and @natlsecuritycnn, main facebook page of CNN, CNN politics' facebook page.



"US Media strategy is now to hide the fact that the CIA controls and funds Al Qaeda by blaming #Syria instead for their terror. #SEA" Recent tweet from group reads.

The group also managed to compromise the "CNN Security Clearance", "Political Ticker", "The Lead", "The Situation Room" and "Crossfire" blogs.

The also managed to post a fake article entitled "BREAKING NEWS: US declares state of national emergency, State department reportedly out of reach"

  • http://security.blogs.cnn.com/2014/01/23/breaking-news-us-declares-state-of-national-emergency-state-department-reportedly-out-of-reach/
  • "China dumps all bonds, declares South China Sea closed zone ": http://politicalticker.blogs.cnn.com/2014/01/23/breaking-china-dumps-all-bonds-declares-south-china-sea-closed-zone/ 
  • http://situationroom.blogs.cnn.com/2014/01/23/breaking-china-dumps-all-bonds-declares-south-china-sea-closed-zone/


CNN confirmed the hack in their recent tweet saying " Some of our organization's social media accounts were compromised. We have secured those accounts and deleted unauthorized tweets."

Twitter account of Joe Simpson hacked, terrible tweets posted


Verified Twitter account of an English Mountaineer Joe Simpson hijacked by an unknown hacker and posted a series of horrible messages from his account.

According to US magazine, the hacker posted more than 40 horrible tweets including "I've used my 'name' and abused my power".

" I've molested multiple and can provide proof. Everyone should know.  Everyone should know," One of the tweets posted by hacker reads.

"For those who are wondering...my account has not been hacked but as I said I would remove those tweets...see I can get away with anything ;)" the hacker added in another tweet.

After sometime, Joe managed to regain the control to his account and removed the awful messages.

"My twitter account was hacked this evening and some terrible messages were sent from my account. My account has been reset now." In his tweet, Joe admitted his twitter was hacked.

Twitter account of Malindo Air hacked

Malindo Air, an airline based in Malaysia, has lost control of their tweets after hackers hijacked their twitter account.

Hacker managed to tweet a false message saying "Dear all, in view of the recent events, Malindo Air is giving away 100,000 free seats from today till end of the week."

When a Malaysian politician Tony Pua retweeted and asking whether "Hacked or real?".  The hackers responded with "damn real, yb".


However, Malindo Air representative told local news report that they are not giving 100,000 free seats and apologized for the inconvenience.

"Dear All, our twitter account has been hacked. Please do not entertain the hacker. We will get to the bottom of this problem. Thank you."

It appears they have not yet recovered the account, the tweet posted by the hacker still appears even after 20 hours. 

Social Media accounts, SMS service of Tahrir News hacked


Hackers break into the official twitter and facebook accounts of Tahrir News, the popular Egyptian newspaper and published false information, according to Softpedia report.

The organization has confirmed the security breach and informed their subscribers about the security breach in their website.

"The media company believes the Muslim Brotherhood has launched this attack in an effort to 'spread chaos and cause confusion among Egyptians.' "The softpedia report says.

The security breach forced the organization to temporarily shut down the SMS service which was also reportedly hijacked by the hackers.

At the time of writing, Twitter and Facebok accounts appears to be recovered and back to normal.

Twitter Accounts of Jordana Brewster, Zach Roerig and Pentagram Hacked

@
#Exclusive: Jordana Brewster, a Brazilian-American actress, best known for his role in Fast & Furious Movies, admitted that her twitter account was hijacked by cybercriminals.

According to followers report, the cyber criminals who hijacked the account has posted a spam tweet from her account.  The incident was first reported by Eduard Kovacs at Softpedia.

"please ignore tweets ( except for this one) my account seems to have been hacked" recent tweet from @JordanaBrewster reads.  "all good now".

Jordana Brewster twitter account hacked - Image : E Hacking News


I found she is not the only celebrity who fell victim to the twitter account hijack in this month.

Zach Roerig, an American actor who is best known for roles of Casey Hughes on As the World Turns, admitted that his twitter account was hacked.

"Burn 2 + inches off your waist losing up to 20 lbs of body fat in 28 days with hxxx://tinyurl. com/klwcpwq" The spam tweet reads. 

The recent tweet from @zach_roerig "Once again being hacked sucks" apparently shows that this is not the first time his account being hijacked by cyber criminals.


Zach Roerig twitter account hacked - Image : E Hacking News

The story does not end here, the official twitter account of Pentagram, a design studio that was founded in 1972 , is also got hacked.  Hackers posted the same spam tweet used in the Zach Roerig twitter hack.

"Dear Twitter followers, if you receive a direct message from us, please don't click on the link. We caught something that's going around."  The recent tweet from pentagram reads.

Pentagram official twitter account hacked - Image : E Hacking News

*Update*:
I just found the following twitter accounts also fell victim to the spam attack: Hart Hanson (@HartHanson), @NewsBreaker, Jane Ellison MP(@janeellisonmp).





*Update 2:
Twitter account of Justin Bethel (@Jbet26), an American football cornerback for the Arizona Cardinals of the National Football League, also got hacked and spreading spam tweets.


Update 3:
ESPN Reporter,  Mike Massaro also admitted that his account abused for spreading spam:


ESPN NFC East twitter account (@espn_nfceast ) is unavailable after hackers hijacked the account.

*Update 4:
 Graham DeLaet(@GrahamDeLaet ) ,a Canadian professional golfer who plays on the PGA Tour, also got hacked by the same group. 

Twitter Account Of Actress Stefanie Scott for sale in UnderGround hacking forum

A recent post on an underground hacking forum claimed to sell the Twitter account of the actress "Stefanie Scott" . This is one of the rare time's the attack can be prevented before it happens so I am releasing this  post in public interest.And to show how such celebrity accounts are sold by hackers.

Now lets analyze the post . First I am worried by his statement of "pm me for her twitter ETC" which point's that he is in control of MORE than her twitter account. And she seems oblivious to the fact that her account's might be hijacked because she tweeted about an hour ago and the sales thread has been opened way before that .

As you can see such accounts can go for 400$ or more .The account has 256,211 followers which is worth a lot.Most such hacks don't affect the celebrities as much as the followers whose computers or accounts might be hijacked as the result of following the links posted by a hacker posing as the celebrity. 

It is the responsibility of the celebrity to keep his/her account safe as they are not the only people affected, their fans often take the worst side of the attack.

PS: This might just be a scam by the user to rip off  other users but it seems unlikely since he is a higher level of user and would not like "scam reports" to be opened against him.I will update this article if I get more information. 

Canadian Ice Hockey Player Tyler Seguin says his Twitter Account hacked


Canadian Ice Hockey Player Tyler Seguin has temporarily closed his twitter
account after repeatedly hackers hijacked his twitter account to post offensive messages.

The account was reportedly hacked twice within a few days and has been misused to post anti-gay messages.

" We’ve addressed the issue directly with Tyler and we’ll continue to work on educating our players regarding the importance of their conduct on all forms of social media." Official statement from the Dallas Stars organization reads.

The last tweet posted by Seguin is about shutting down his twitter account "After repeated attempts by 'hackers' to try to damage my reputation I have decided to shut down my twitter account for a while."

Filipina actress Kathryn Bernardo's Twitter account hacked



It appears the 17-year old Filipina actress Kathryn Bernardo is the latest celebrity who fall victim to the cybercriminals who hijack twitter accounts of celebrities.

The hack was initially reported just before 5 hours by our friend Eduard Kovacs in Softpedia.

The hacker who has hijacked the account posted nothing other than a tweet reads "Hacked".


The tweet is there for more than 9 hours that made me to think whether the account is really hacked or not.  It has also been retweeted by more than thousand followers.

It doesn't sound like someone has hacked the account but it does look she herself posted the tweet.  We will update once we got more information on this.

Spammers hit Twitter account of famous novelist Salman Rushdie

Salman Rushdie, British Indian novelist and essayist, has become the latest victim of the celebrity twitter account hacks.

"Shed 20 lbs of weight off your belly in only 2 weeks hxxx://bit.ly/10KeTYV ” The tweet posted by the spammers , after compromising his twitter account @SalmanRushdie .

The link leads to a Spam website "hxxx://erzrl.latenightnews123.com" where the page title says "Miracle Weight Loss Proven to work". 


Salman has manged to recover his account and post the following tweet "Apologies. My twitter account was hacked. Have changed password so the Spam should stop."


Salman is not the only celebrity who fell victim to twitter account hijacks. Recently cybercriminals compromised the twitter accounts of Cher and Alec Baldwin posted a message about a diet brand.

Cybercriminals hijacked Twitter accounts of Cher and Alec Baldwin

American singer and actress Cher fell victim to the twitter account hacks.  Cybercriminals hijacked her account and posted a message about a diet brand.

She come to know about the security breach after her followers told her account was hijacked.

"You guys I’m really upset about this hacking thing ! What diet are you all talking about ?!" In one of the tweets , she said.

She is not the only celebrity whose account compromised by the cybercriminals.  There are a number of celebrities fell victim to the twitter account hijack.  The list includes Alec Baldwin, Australian model Miranda Kerr and Donald Trump.

"This fu**ing hacking weight loss shit. GOOOOOODDD!!!" Tweets posted by Alec Baldwin. "IGNORE this weight loss trash. I mean, I'm all for weight loss. But DAMN!!!"