How The Onion's Twitter account was hacked
In a new blog post, the satirical news publication The Onion has outlined how hackers from the Syrian Electronic Army managed to take control of its Twitter account. There is much to be gained from understanding how the attack was pulled off, particularly given that the method used appears similar to those used on news organizations such as The Associated Press, The Guardian and others.
In this instance, the SEA started off its by sending phishing emails to various Onion employees starting on May 3. The emails contained a URL to a Washington Post address. Embedded within it, however, was a link that points to a hacked third-party website that redirects users to a phishing website. Styled to look like a Google (NASDAQ: GOOG) website, the phishing site requested Google Apps credentials to be keyed in--in effect stealing them--before redirecting unsuspecting users on to Gmail.
Three waves of phishing attempts were launched in total, culminating in five different accounts being compromised. Eventually, a company-wide password reset was enforced to weed out other breaches that may have remained undetected. You can read the full blow-by-blow of the attacks here.
It was quickly evident that the phishing attack was hardly complex, and relied heavily on luck. It targeted a few selected individuals at a time. Also, IT departments were deliberately left out in at least one instance. Ultimately, the incident shows how simple phishing attacks can be leveraged to compromise user passwords and that companies must teach users how to identify phishing attacks.
- check out this article at The Onion Tech Blog