Mark Zuckerberg doesn't tweet much — in fact, he hasn't used that social network, in many ways a competitor to his Facebook, in four years. So when an unusual message appeared on his account Sunday, people took notice.
As it turns out, it wasn't Zuckerberg doing the tweeting — it was a notorious hacker group called OurMine, who briefly gained access to his Twitter and Pinterest profiles.
Hackers posted "proof" of their deed by tweeting from Zuckerberg's Twitter account, and changing the title of his Pinterest page to "Hacked By OurMine Team," with the message in the description saying "we are just testing your security." At the time of this writing, both accounts appear to have been returned to their owners, and offending tweets/posts are deleted.
Hackers also claim they've gotten access to Zuckerberg's Instagram account — a far more serious breach, given that Zuckerberg is active on Instagram and that Instagram is Facebook-owned — but nothing appears to have been changed on that account.
The OurMine group is tied to the theft of user credentials from the DayZ gaming community in Feb. 2016. They've also taken responsibility for the large-scale DDoS (distributed denial of service) attacks against several financial institutions in 2015.
In a tweet (now deleted, along with the group's Twitter account), OurMine claimed they got the password from the LinkedIn dump, a stash of usernames and passwords on the service dating from 2012 that recently got posted to the internet. If true, that would mean Zuckerberg is guilty of one of the worst transgressions in terms of online security: re-using the same password for multiple services.
Worse, if the hackers' claims are true, Zuckerberg was using an amazingly weak password, even for 2012's standards: "dadada." That's practically a recipe for getting hacked: Choose a bad password, use it on several sites, and then don't change it for several years. Sooner or later, at least one of those sites will get hacked, and then people are suddenly wondering why the CEO of the world's largest online social network is posting weird things on Twitter and Pinterest.
We've contacted Facebook for comment, but have not yet heard from them.
The attack on Zuckerberg's social accounts seems to be a part of a wave of similar high-profile hacks. Last week, Katy Perry's Twitter account was compromised, with the hacker hurling insults at her immense follower base. And NME reports several musicians' Twitter accounts were hacked over the weekend, most notably those of Keith Richards, Bon Iver and Tame Impala.
Have something to add to this story? Share it in the comments.
via Social Media http://on.mash.to/1tbBz5T
No comments:
Post a Comment