Gizmodo's Twitter hijacked following hack of iCloud account
Posted on 06 August 2012.
Followers of popular technology weblog Gizmodo have been faced with some very offensive tweets coming from the site's Twitter account on Friday.


Many have accurately surmised that the account has been hijacked, and Gizmodo immediately started an investigation into how it happened.

First, they believed that former employee Mat Honan was responsible for the tweets, as the messages seemed to be coming from his Twitter account, which was liked with Gizmodo's.

And they were partially right: the tweets were coming from there, but were not written by Honan. As it turns out, his Twitter account has also been compromised by the same attackers.

They call themselves "Clan VV3" and have, in the past, hijacked a number of high-profile Twitter and YouTube accounts.

Gizmodo has, fortunately, managed to regain control of their own Twitter account very soon and has already deleted the offending messages, but Honan hasn't been so lucky: his Twitter account has been suspended for much longer, his Gmail account deleted, his iPhone, iPad and Macbook wiped clean.

As it turns out, the hackers managed to get access to his iCloud account and from there to his Gmail and Twitter accounts. He initially thought that the hackers managed to brute-force their way into iCloud, but has since discovered that wasn't the case.

"Confirmed with both the hacker and Apple. It wasnít password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions. Apple has my Macbook and is trying to recover the data. Iím back in all my accounts that I know I was locked out of," he wrote on his blog.

While he obviously couldn't have prevented the iCloud compromise, he admits that the Google account is another matter, as he hasn't set up two-factor authentication which would have prevented it being breached, and likely prevented the compromise of his Twitter account and that of Gizmodo.






Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //