On Monday, members of the Syrian Electronic Army hacktivist group took command of The Onion’s Twitter account. Posing as legitimate writers, the SEA posted several jokes related to Israel and the civil war in Syria. (For clarification, SEA is a pro-Assad organization.)
According to sources at The Onion, the SEA used a phishing email attack on Onion staff members. The email included a link that appeared to point to the Washington Post but in fact led to a hacked website that displayed a fake Google Apps login page. Evidently, one or two employees fell for the ruse and the SEA gained access to their email accounts. From those email addresses, the SEA launched yet another phishing attack and ultimately gained access to Twitter.
According to The Onion:
Coming from a trusted address, many staff members clicked the link, but most refrained from entering their login credentials. Two staff members did enter their credentials, one of whom had access to all our social media accounts.
Immediately after discovering the breach, The Onion’s tech team sent an email to staff directing them to change their passwords. Unfortunately, this advice spurred a third phishing attack from a compromised internal email address that linked to a fake password-reset page. The SEA gained two more sets of credentials from this last attack, allowing them to maintain control of the Twitter account for an extended period of time.
It seems there couldn’t be a better time for
Twitter to move to two-factor authentication — something the company is already
working towards.