OurMine Hacking Group Targets the NFL by Hijacking Multiple Facebook, Instagram, and Twitter Accounts

OurMine Attacks NFL Teams

Having your personal social media account taken over is not fun. If someone manages to break into it, they will not only get access to some deeply private data, but they'll also get a platform from which they can impersonate you and attack all your friends, relatives, co-workers, and people you've met online. While you probably have several hundred followers on your social network accounts, however, celebrities, sports clubs, and entertainment companies are followed by millions. You'd be forgiven for thinking that the people in charge of such accounts have taken every necessary precaution to ensure that any unauthorized access attempts are stopped well in advance. Unfortunately, the existence of a hacking group known as OurMine suggests that this is not the case.

OurMine is back

After a rather long hiatus, OurMine came back with a bang at the end of last week, when they compromised quite a few social media accounts in one quick swoop. The targets were the National Football League and about half of the teams that play in it. First, the hackers hit Chicago Bears' Twitter profile and, after using the platform to spread some fake news about a new team owner, they revealed that they had taken over the account. They then moved on to quite a few other American football teams.

According to the BBC, Kansas City Chiefs, Green Bay Packers, Dallas Cowboys, Denver Broncos, Indianapolis Colts, Houston Texans, New York Giants, Philadelphia Eagles, Tampa Bay Buccaneers, Los Angeles Chargers, San Francisco 49ers, Cleveland Browns, and Arizona Cardinals all had their Twitter accounts hacked. The microblogging platform account of the NFL itself wasn't spared, either, and some teams were also locked out of their Facebook and Instagram profiles.

OurMine's members removed the profile pictures, bios, and headers on some of the accounts, and they also sent a message. The hackers used the compromised accounts not only to announce that they're back but also to show everybody that "everything is hackable." Those of you familiar with this crew's previous attacks have heard this before.

Harmless fun or a serious threat

The OurMine hackers have a rather long legacy of successfully compromising high-profile social network accounts. Among their victims, you'll find global media outlets, streaming platforms, sports teams with enormous follower bases, famous DJs, YouTubers, singers, bloggers, and quite a few CEOs of major Silicon Valley companies, including Jack Dorsey and Mr. Social Media himself, Mark Zuckerberg. The attack from Sunday is not to be sniffed at, either. NFL's Twitter account alone, for example, has over 25 million followers.
The colossal number of people who follow these pages means that over the years, the OurMine hackers have been given numerous opportunities to cause quite a lot of damage. A phishing link posted on behalf of a popular account can attract many users, even in a limited period of time, but the OurMine hackers just don't seem to be interested in that.

Every time they attack an organization or a celebrity, they claim to do it in order to show the victims how poor their security is. When they took over Mark Zuckerberg's Twitter and Pinterest accounts in 2016, they even announced publicly that Facebook's CEO was using "dadada" as the password for some of his accounts. People might argue that by naming and shaming celebrities and large enterprises for their security mistakes, the OurMine hackers are teaching the rest of us a lesson.

We don't necessarily agree with that. As ZDNet pointed out, OurMine uses the notoriety it has gained around the high-profile social media attacks to boost its reputation on the underground markets where it sells stolen information. If the hackers really had good intentions, they would be working in the security industry and would be disclosing the vulnerabilities responsibly.

Nevertheless, we do hope that in the wake of yet another OurMine attack, users start to take notice. Even if you aren't responsible for a popular account with millions of followers, the combination of a strong, unique password and two-factor authentication could save you quite a lot of embarrassment.

By Duran
January 29, 2020
News
English
January 29, 2020
News

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Tips

Simple Tricks to Secure Your Facebook/Twitter Account

There are multiple ways to secure your social media account although regular users probably seldom think about their security when they log into their accounts. For them, it is more about sharing the experience and... Read more

July 18, 2018
Password Security

Instagram Accounts Can Be Hacked Using a Vicious Ray-Ban Scam

Have you seen advertisements posted on Instagram that offers designer sunglasses for practically nothing? Remember that if something sounds too good to be true, it is most likely a scam. The offers we are discussing... Read more

June 19, 2019
Password Security

How Instagram Accounts Get Hacked and How to Protect Yourself

Whether you're an Instagram personality or just a regular person using the platform to document snippets of your life, your account's security comes first. Just last month, Forbes noted that multiple Instagram users... Read more

May 16, 2018
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.