'OurMine' group briefly hijacked Facebook's Twitter and Instagram accounts
The Khoros marketing platform was once again a vector for the attack.
After Jack Dorsey's account was taken over by hackers (more than once), social media account takeovers can't get much bigger, but now Facebook itself has become a victim. The same "OurMine" hackers who sent messages from a bunch of NFL team accounts and @ESPN ahead of the Super Bowl apparently accessed Facebook's accounts on Twitter and Instagram, as well as the official Twitter account for Facebook Messenger.
In a statement, Twitter confirmed they were accessed via third-party platform (apparently Khoros, the same way the NFL accounts were compromised) and that it had locked access to them. Last week Khoros said it had addressed a vulnerability in its platform after an attack and suspicious behavior, but it appears the OurMine group still has a way to use it for their own methods. For the rest of us, it's probably a reminder to double check what third-party services you've allowed to access your account on Twitter and other platforms.
It was fun watching this battle between Facebook and hackers where hackers keep posting tweets and Facebook keeps deleting them pic.twitter.com/c7APEJn38I
— Jane Manchun Wong (@wongmjane) February 8, 2020