Facebook accounts in Twitter and Instagram were hacked

Since the use of social media became massive, cybercriminal groups have devoted considerable efforts to finding ways to breach the security of these platforms. Over the past weekend, official Facebook accounts on Twitter and Instagram were compromised by a group of hackers. Reports indicate that the cybersecurity incident is the responsibility of the self-named hacking group “OurMine”.

By taking control of the attacked accounts, OurMine hackers began posting images with their logo, adding a message: “While their security is better than Twitter’s, even Facebook is hackeable.” Soon after, social media companies announced that account control had already been restored to the companies.

OurMine message posted in Facebook’s official Twitter account

Subsequent reports mention that the hackers’ intention was to demonstrate the presence of some security vulnerabilities on attacked social networks. A couple of weeks ago, professionals and cybersecurity enthusiasts reported the hacking of the Twitter accounts of multiple Teams of the US National Football League (NFL), an incident that was also attributed to OurMine hackers.

Regarding the incident, Facebook mentioned that the attack was limited to the accounts of social media platforms, while Twitter announced that the identified accounts were deactivated as soon as the cybersecurity incident was detected, which required joint work of the security teams of both companies.

OurMine logo posted in Facebook’s official Instagram account

Although unauthorized posts have already been deleted, dozens of social media users noticed anomalous activity and had time to take some screenshots that show the presence of hackers on compromised platforms. In some of these posts, OurMine identified themselves as a group of white hat hackers (ethical hackers) without malicious intentions. However, the cybersecurity community doubts on OurMine good intentions, as its methods are clearly a form of illicit activity that includes hacking methods such as brute force attacks, theft of login credentials, among others.

In previous years, the International Institute of Cyber Security (IICS) attributed some similar incidents to OurMine, such as the attack on Jimmy Wales, co-founder of Wikipedia, against Twitter CEO Jack Dorsey and the hacking attempt against Sundar Pichai, CEO of Google.