Hacktivists hacked Twitter account of Associated Press to post fake news

Recently hackers have intensified the number of attacks against corporate social media accounts, the Twitter account is most targeted ones due the high interest of businesses in this comfortable communication channel.

Various the companies that have recently been hacked on Twitter including 60 Minutes, 48 Hours and a Denver news affiliate, The New York Times, The Wall Street Journal, The Washington Post, Burger King and the Jeep car company … and the list is not ended.

Last Tuesday hackers compromised the Associated Press Twitter account and posted a fake news about two explosions at the White house and discussing the news that President Obama was injured.

The news has obviously sparked great dismay, especially for the emotional wave of recent attacks in the Boston Marathon, fortunately immediately came the denial, Twitter promptly suspended the account and Julie Pace, chief White House correspondent for the AP, announced that the news was not real and consequence of account hack.

But few minutes were enough to influence, even if temporarily, the indexes of the Dow Jones, we live in the digital age and this is proof of the power of information.

Who has hacked the account?

The Syrian Electronic Army claimed responsibility for the attack with the following message

”RT @official_sea6: Ops! @AP get owned by Syrian Electronic Army! #SEA #Syria #ByeByeObama pic.twitter.com/uHbfbIOItr”

The group is not new to this type of attacks, last year it hacked social media account of the news agency Al Arabia to spread bogus news on explosion in Qatar.

 

 

How to hack a social media account?

There are various ways to compromise an account such as:

• Hackers could steal credentials to the victims with a malware based attack or using social engineering techniques.
• Hackers could find credentials for an account protected with a weak password.
• Surfing on a compromised network.
• Account manager could be victims of a spear phishing attack.
• Entrusting credentials to a malicious third-party application or web service.

Of course the implementation of a strong authentication could solve the problem, that’s the way some of the principal web service provider, such as email providers, has started to implement it.  In this case the attackers need more that credential knowledge, typically he also needs to own a “token” that could be software or hardware to access to the services.

The recent incidents confirms Twitter needs a stronger authentication process, at least for big companies and most popular accounts.

I hope similar events do not recur again …

Pierluigi Paganini

(Security Affairs – Hacking)