Industry News

Twitter accounts of The Olympics and FC Barcelona hijacked by OurMine hacking group

The International Olympic Committee and FC Barcelona are the latest victims of a spree of Twitter account hijacks orchestrated by the notorious OurMine gang.

But rather than abuse their access to the high profile accounts (@Olympics has six million followers, and @FCBarcelona has a jaw-dropping 31.9 million Twitter fans) to spread malicious links or scams, the OurMine hacking collective posted messages this weekend cheekily suggesting that the brands might want to improve their account security.

The account takeover must have been particularly embarrassing for FC Barcelona, which previously had its Twitter account fall foul of OurMine in 2017, when the hackers posted a message claiming a player from arch-rival Real Madrid had been signed-up to play for the football team.

OurMine almost apologetically referenced its previous successful compromise of FC Barcelona’s account, saying that the security was “better but still not the best.”

This is becoming something of a habit for FC Barcelona’s Twitter account. I recall that way back in 2014, the world-famous football club had its account hijacked by the notorious Syrian Electronic Army who, amongst other things, sent a “Special hi to Real Madrid.”

These latest compromises of the Olympics and FC Barcelona Twitter accounts do not appear to have involved the guessing or cracking of Twitter login passwords.

Instead, what links the unauthorised tweets are that they were posted via a third-party app – Audiense Connect.

Audiense Connect is a third-party Twitter marketing platform used by big brands to measure how well they are engaging with their audiences on the social network.

In a tweet posted this weekend, Audiense confirmed that it had suffered a security breach.

In subsequent updates, Audiense said that no passwords or financial information had been compromised. The company says that only three of its clients were affected.

The attack came one week after a similar attack by OurMine which saw the hackers post unauthorised messages from Facebook’s official Twitter account. That attack was possible because the hackers had broken into the account of a different third-party app, Khoros.

Clearly OurMine is finding all of this hacking pretty amusing, and are currently concentrating their efforts on third-party social media apps used by big brands.

If you use such services to communicate with your customers and to promote your firm’s brand online I would strongly recommend ensuring that you are following best practices in terms of strong, unique passwords and the use of two-factor authentication.

With layered security you can make it much more difficult for hacking groups like OurMine to send an unauthorised message to your brand’s millions of fans.

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.