The hacking entity OurMine has scored another big name. The group hacked the Twitter account of Wikipedia’s co-founder and the hosting service Wikia, Jimmy Wales. The hack was carried out on 20 August 2016.
Details About the Hack
The OurMine team gained access to Wales’s account and posted the following messages:
“RIP Jimmy Wales
1966 — 2016
#RIPJimmyWales”
A few minutes later, OurMine posted another message:
“I confirm that Wikipedia is all lies
OurMine Team is the true
[Link to the OurMine site] “
The tweets were later deleted when Jimmy Wales got a hold of his Twitter account.
The latter post is typical of their campaign of self-promotion. OurMine claims that they’re not blackhat hackers, but a security firm that wants to demonstrate that nobody is safe from hacking. To do that, they’ve hacked a few celebrities Deadmau5 and PewDiePie, but their more notable attacks were carried out against notable figures in the IT sphere, like Facebook’s CEO Mark Zuckerberg, former Twitter CEO Dick Costolo, Google CEO Sundar Pichai, Yahoo CEO Marissa Mayer, and others. OurMine also claims to have access to Bill Gates’s accounts, but that remains unconfirmed. The hacks often implemented cross-posting to Twitter. That is to say; OurMine hacked accounts connected to Twitter and used them to post something. They have used Quora, Vine, Pinterest.
OurMine – Blackhat or Whitehat?
OurMine has always claimed that their hacks were made to promote security, to show that everyone can be hacked. They are right, as all these CEO’s could have had stronger security measures to their sites. Mark Zuckerberg was reported to use the same password, “dadada” on three separate social networking sites, Twitter, Linkedin, and Pinterest. Not using the same password across account is one of the most basic guidelines, and it’s surprising that CEOs of big corporations don’t do it.
OurMine often use the image bellow:
The hack likely wouldn’t have happened if the CEOs didn’t string their profile. A lot of sites offer the option to log into their system by using a Google+ or Facebook profile. That can save some time, as it doesn’t require you to make another account, but the connection between the sites can be used for hacking. If one site is accessed, the information it contains can be used to hack you social media profile.
Even though OurMine does demonstrate that everyone can be hacked, as they claim, that doesn’t make the group virtuous. Their end-goal is financial profit. OurMine provides “security scans” costing $5,000. The group offers these scans to let their customers know if they have unsecured accounts. The whole service smells fishy. The more advisable option is for users to avoid reusing and change their passwords frequently. The only thing OurMine will be likely to do is to abuse the information their too trusting customers are ready to provide.