2 min read

Twitter accounts of The Olympics and FC Barcelona hijacked by OurMine hacking group

Graham CLULEY

February 17, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Twitter accounts of The Olympics and FC Barcelona hijacked by OurMine hacking group

The International Olympic Committee and FC Barcelona are the latest victims of a spree of Twitter account hijacks orchestrated by the notorious OurMine gang.

But rather than abuse their access to the high profile accounts (@Olympics has six million followers, and @FCBarcelona has a jaw-dropping 31.9 million Twitter fans) to spread malicious links or scams, the OurMine hacking collective posted messages this weekend cheekily suggesting that the brands might want to improve their account security.

The account takeover must have been particularly embarrassing for FC Barcelona, which previously had its Twitter account fall foul of OurMine in 2017, when the hackers posted a message claiming a player from arch-rival Real Madrid had been signed-up to play for the football team.

OurMine almost apologetically referenced its previous successful compromise of FC Barcelona’s account, saying that the security was “better but still not the best.”

This is becoming something of a habit for FC Barcelona’s Twitter account. I recall that way back in 2014, the world-famous football club had its account hijacked by the notorious Syrian Electronic Army who, amongst other things, sent a “Special hi to Real Madrid.”

These latest compromises of the Olympics and FC Barcelona Twitter accounts do not appear to have involved the guessing or cracking of Twitter login passwords.

Instead, what links the unauthorised tweets are that they were posted via a third-party app – Audiense Connect.

Audiense Connect is a third-party Twitter marketing platform used by big brands to measure how well they are engaging with their audiences on the social network.

In a tweet posted this weekend, Audiense confirmed that it had suffered a security breach.

In subsequent updates, Audiense said that no passwords or financial information had been compromised. The company says that only three of its clients were affected.

The attack came one week after a similar attack by OurMine which saw the hackers post unauthorised messages from Facebook’s official Twitter account. That attack was possible because the hackers had broken into the account of a different third-party app, Khoros.

Clearly OurMine is finding all of this hacking pretty amusing, and are currently concentrating their efforts on third-party social media apps used by big brands.

If you use such services to communicate with your customers and to promote your firm’s brand online I would strongly recommend ensuring that you are following best practices in terms of strong, unique passwords and the use of two-factor authentication.

With layered security you can make it much more difficult for hacking groups like OurMine to send an unauthorised message to your brand’s millions of fans.

tags


Author



Right now

Top posts

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Israeli Authorities Seized Severs of Breached Company for Not Cooperating Israeli Authorities Seized Severs of Breached Company for Not Cooperating
Silviu STAHIE

July 04, 2022

1 min read
FTC warns LGBTQ+ community of extortion scams targeting them on dating apps FTC warns LGBTQ+ community of extortion scams targeting them on dating apps
Graham CLULEY

July 01, 2022

2 min read
OpenSea Breach Exposes 1.8 Million Email Addresses. How does it affect you? OpenSea Breach Exposes 1.8 Million Email Addresses. How does it affect you?
Radu CRAHMALIUC

June 30, 2022

3 min read