The hacker group OurMine strikes again, this time hitting official Netflix US and multiple Marvel Twitter accounts to raise concerns about poor password security and to promote their security services. The group is behind other high-profile social media hacks from the past year, including TechCrunch, Hollywood star Channing Tatum, Google CEO Sundar Pichai, Facebook CEO Mark Zuckerberg and Uber CEO Travis Kalanick.
“Hey, it’s OurMine, Don’t worry we are just testing your security, contact us to tell you more about that firstname.lastname@example.org,” read their Twitter message.
The small hacker group is made up of young people, according to a TechCrunch investigation, while BuzzFeed News confirmed “that one of the OurMine crew is likely a young man living in Saudi Arabia who goes by the name “Ahmad Makki” on social media.” Right after the information was posted, Our Mine hacked BuzzFeed
Judging from previous hacks, OurMine is not about exploiting the compromised accounts, but promoting their security services by testing password strength and inviting users to update their security on their website.
When asked to comment, Marvel said they were investigating the hack and would take action as soon as possible.
There are no clear details on their operating mode. The hacking group might be using the weak passwords leaked in previous large breaches such as LinkedIn or Twitter-authorized apps. To avoid similar situations in the future, users should regularly change their passwords and check which apps have been authorized to access their Twitter accounts, as they may allow hackers into their accounts.