OurMine has claimed responsibility for hijacking the account of the New York Times Twitter video account (@nytvideo) on Sunday morning.
The video account, which has more than 250,000 followers, was used to post fake news involving a nonexistent missile attack from Russia against the United States, quoting a leaked statement from Russian President Vladimir Putin.
OurMine is a hacking group that has a history of compromising high-profile tweeters, including Mark Zuckerberg, Twitter co-founder Evan Williams, David Guetta, Daniel Ek, former Twitter CEO Dick Costolo, Twitter CEO Jack Dorsey, the CEO and founder of Spotify and Google CEO Sundar Pichai.
OurMine used its control of the video account to take responsibility for the faux message, saying that all was done in the name of good: “Message from OurMine: We detected unusual activity on the account and we re-hacked it to make sure if the account is hacked or not.” The group has been attempting to spin itself as a “security firm.”
However, researchers pointed out the danger of such actions:
“Hackers are realizing the power of social media over influential news sources like the New York Times, and are breaching accounts to try and essentially control or sway the news,” Michael Raggo, chief research scientist at ZeroFOX, told Infosecurity. “Twitter has become intertwined with our society and culture—with individuals turning to the platform to communicate, collaborate and stay informed on a global-scale. With that, if a hacker can overtake a credible profile and blast out provocative or false messages, it could trigger a knee-jerk public reaction impacting stock markets, threatening national security or even possibly sparking military tension.”
It also confirmed that it was behind the hijacking of the Sony Music’s Twitter account last month, when it tweeted a hoax about Britney Spears’ death.
The fake news and other tweets were quickly deleted: “We deleted a series of tweets published from this account earlier today without our authorization,” the Times said. “We are investigating the situation.”
Raggo noted that the Times should take a lesson from the incident: “Everyone in today’s always-connected society must be maintaining a high-level of security awareness, especially media companies, as they serve as news mouthpieces of our nation. Furthermore, as accounts continue to be hijacked, organizations need to enforce the same password policies as they do for the rest of their enterprise, in particular two-factor or two-step verification.”