OurMine Hackers Target Facebook’s Social Accounts

Posted on 12 February 2020

In another turn for the social media giant, Facebook’s own accounts were temporarily hijacked by a group of hackers last week. Here’s what happened.

 

Facebook seemingly never tires of hitting the headlines. The Silicon Valley corporation’s latest dalliance with the media came after a hacking group took control of the brand’s official accounts on Twitter and Instagram, all in the name of proving that “even Facebook is hackable”.

 

While this isn’t the first time Facebook has had security issues, it certainly is the first time the social media giant has had its presence on other platforms targeted.

 

Who Was Responsible?

Dubai-based hacking group OurMine was quick to claim responsibility by posting the following (rather bold) message to Facebook’s Twitter account:

 

OurMine
Image via BBC News

The culprits didn’t stop there, however, also targeting Facebook and Messenger’s Instagram accounts, posting pictures of their logo to the two accounts’ combined follower count of 4 million people. Even though all of these accounts were recovered and the offending posts quickly deleted, this hack definitely made an impression.

 

Now, that’s certainly one way to draw attention to your services – but not one we’re willing to emulate any time soon..

 

 

Sounds Familiar?

If the name rings a bell, it might be because OurMine also made headlines just a couple of weeks ago. In late January, OurMine hacked into the Twitter and Facebook accounts of almost half the NFL., as well as some ESPN social accounts. Additionally, this hacking group have also found their way into Netflix’s corporate social media account, plus the accounts of Twitter founder Jack Dorsey, and Alphabet CEO Sundar Pichai.

 

This gives us something of an idea of OurMine’s modus operandi: hacking into high profile social accounts to expose vulnerabilities and advertise their security services. Unfortunately for them, their actions resulted in OurMine’s Twitter account being dealt a suspension.

 

 

How Did it Happen?

So, how did OurMine find their way into Facebook’s social accounts? Was the fault with Facebook HQ’s password management, or Twitter’s account security? Turns out, it was neither, as the hacking occurred via a third-party platform called Khoros.

 

Khoros is a marketing platform that organisations use to manage their social media communications. Not only did Facebook use this, but so did OurMine’s previous targets, the NFL. Marketing platforms like Khoros typically have access to a treasure trove of passwords and other customer login details, making them a tempting target. Following this incident, Khoros has yet to comment.

 

 

 

What’s the Impact?

While it seems as though OurMine’s antics got the hackers the attention they wanted, the same can’t be said for Facebook, Twitter, Instagram, and the other parties affected. Hackers publicly exploiting a vulnerability within an organisation can cause serious reputational damage. This comes at a time when trust in social media platforms is hardly soaring.

 

What we can learn from situations like this is the importance of regulating third party apps. While it’s unknown whether Khoros was approved by Facebook’s IT department, doing a clean sweep of your teams’ third party apps to avoid Shadow IT can’t hurt. Updating systems regularly to keep on top of patches also stops hackers from exploiting vulnerabilities within the apps that your teams use. Educating users in all aspects of the business (from IT to Social Media Marketing) is also crucial to avoid a hijacking attempt from hackers.

 

Whether or not Facebook or its peers will find their way into the headlines for another security breach again in the near future remains to be seen. Luckily for everyone else, their misfortune provides some clear lessons on securing customer data and online accounts – all of which will make the world of difference when threats come knocking.

 

Keen to secure your organisation and keep hackers at bay? Get in touch with our team of experts and let’s talk identity and security.

A few people we've already done it for
X