Hackers hijack social media accounts for the NFL and 15 teams
Two NFL teams had their official Twitter accounts hijacked on consecutive days; the Chicago Bears on Sunday and the Green Bay Packers on Monday.
Both hacks were claimed by a group of hackers going by the name of OurMine. Believed to be a group of Saudi teenagers, the group has been active since 2016, and has made a reputation for itself by hijacking the social media accounts of high-profile celebrities and tech CEOs, such as Mark Zuckerberg, Jack Dorsey, or Sundar Pichai.
The hackers have been dormant for more than two years, since September 2017, when they stole and leaked files they claimed they acquired from Vevo's internal servers.
The group made a comeback on Sunday when they hijacked the Twitter account for NFL team the Chicago Bears.
In three tweets posted on the team's Twitter account, the group jokingly announced a new Saudi sheikh as owner, announced the trade of star player Khalil Mack for $1, and later claimed responsability for the hack before the Bears PR team regained control over their account.
OurMine resurfaced today with a similar stunt against the Bears' historical rival, the Green Bay Packers. This time around, the hackers appear to have taken control over the Packers Twitter account by first hijacking the Packers' Khoros account.
Khoros is a web service used by digital marketing and public relations departments to gauge social media engagements, and is often connected to a Twitter account as a third-party app.
In addition to these two teams, the OurMine crew also claimed to have gained access to the Twitter accounts for other NFL teams such as the Houston Texans, the Bufallo Bills, the Minnesota Vikings, and Super Bowl participants the Kansas City Chiefs.
No OurMine tweets were found on these accounts; however, the accounts for the Bills and Chiefs were misteriously missing their avatars, similarly to how the Bears and Packers Twitter accounts looked while being defaced.
The Bears and Packers now join a long list of celebrities, companies, and Silicon Valley CEOs who had their social media accounts hacked:
- BuzzFeed (website defacement)
- TechCrunch (website defacement)
- Variety (website defacement)
- BBC (Twitter account)
- Play Station Network (Twitter account)
- Netflix (Twitter account)
- Marvel Studios (Twitter account)
- WWE (Twitter account)
- Game of Thrones (Twitter account)
- FC Barcelona (Twitter account)
- Real Madrid (Twitter and YouTube accounts)
- CNN (multiple Facebook accounts)
- New York Times (Twitter account)
- WikiLeaks (DNS hijacking, website defacement)
- Mark Zuckerberg (Facebook CEO, they hacked his Pinterest and Twitter profile)
- Dick Costolo (former Twitter CEO, they hacked his Pinterest account and cross-posted to his Twitter account)
- Jack Dorsey (Twitter CEO, they hacked his Vine account and cross-posted to his Twitter account)
- Sundar Pichai (Google CEO, they hacked his Quora account and cross-posted to his Twitter profile)
- John Hanke (Niantic CEO, they hacked his Quora account and cross-posted to his Twitter profile)
- Zach Klein (Vimeo CEO, they hacked his Quora account and cross-posted to his Twitter profile)
- Ev Williams (Twitter, Blogger, and Medium co-founder, they hacked his Twitter account)
- Marissa Mayer (Yahoo CEO, they hacked her Twitter account)
- Jimmy Wales (former Wikipedia CEO, they hacked his Twitter account)
- Daniel Ek (Spotify CEO, they hacked his Twitter account)
- Brendan Iribe (Oculus Rift CEO, they hacked his Twitter account)
- Adam Mosseri (Facebook VP, they hacked his Twitter account)
- Deadmau5 (music DJ, Twitter account)
- David Guetta(music DJ, Twitter account)
- Channing Tatum (actor, Twitter account)
- Drake (music artist, Twitter account)
- ... and loads of other celebrities such as Lana Del Rey, Pewdiepie, Alexa Losey, Kylie Jenner, and many YouTube stars.
In most of these hacks, OurMine gained access to accounts after account owners reused passwords and had failed to protect their accounts with two-factor authentication.
Further, OurMine also engaged in other forms of cybercrime, often hacking forums and legitimate companies and putting their data up for sale online -- using the reputation they forged by hacking tech CEOs to boost their sales on underground forums.
from Latest Topic for ZDNet in... https://ift.tt/3aPVtK3