June 19, 2021

How Apple helped attacker hack Gizmodo’s Twitter account

(LiveHacking.com) — Over the weekend, a hacking group known as Clan VV3 gained control of Gizmodo’s Twitter account and sent offensive messages to Gizmodo’s 415,000 followers. The hacking of such a high-profile Twitter account is a serious thing, but what is even more startling is the way that the hackers did it.

It all starts with Mat Honan, a former Gizmodo employee. The hackers managed to breach Mat’s iCloud account by using some clever social engineering that let them bypass Apple’s security questions. Once they had tricked Apple, the hackers proceeded to reset all of Mat’s accounts and devices. They sent remote wipe commands to Mat’s iPhone, iPad and MacBook.

The backup email address for Mat’s Gmail account was the .mac email address which had just been hacked. The hackers used this to issue a password recovery email to that address and subsequently took over his Gmail. A few minutes after that, they took over his Twitter account. And because Mat had linked his Twitter to Gizmodo’s account, the hackers were then able to gain entry to that as well.

Mat has confirmed with AppleCare how the hacker was able to get control of his accounts, and he is planning to publish all the details on Wired (his current employer). However, he has emailed Tim Cook and Apple PR to give them a chance to comment. Although there has been no response from Tim Cook, Mat did get an urgent call from AppleCare ten minutes after sending the emails, informing him that the situation had been escalated.

What can be learned from this sorry story is that social engineering remains a powerful and effective means used by hackers to breach security. In this case it seems that Apple are to blame, and since everything was linked (somehow) to Mat’s iCloud account, the hacker was able to take control of Mat’s Gmail, Mat’s Twitter account and of course Gizmodo’s Twitter account.
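The chain described above can be audited as a graph of recovery dependencies. The following is an added example, not part of the original article: the account names are constructed labels, and the Gmail-to-Twitter edge assumes Twitter's password reset went to the Gmail address, which the article does not state.

```python
from collections import deque

# Constructed model of the incident: an edge A -> B means
# "control of A is enough to take over (or wipe) B".
RECOVERY_EDGES = {
    # .mac address is Gmail's backup address; iCloud can remote-wipe devices
    "icloud": ["gmail", "iphone", "ipad", "macbook"],
    # assumption: Twitter's password reset mail is delivered to Gmail
    "gmail": ["twitter_personal"],
    # the personal Twitter account was linked to Gizmodo's
    "twitter_gizmodo_link": [],
    "twitter_personal": ["twitter_gizmodo"],
}


def blast_radius(edges, start):
    """Map every account reachable from `start` to the shortest takeover path."""
    paths = {start: [start]}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in edges.get(node, []):
            if nxt not in paths:  # first visit in BFS is the shortest path
                paths[nxt] = paths[node] + [nxt]
                queue.append(nxt)
    del paths[start]
    return paths


def single_points_of_failure(edges, protected):
    """Accounts whose compromise alone is enough to reach `protected`."""
    nodes = set(edges) | {t for targets in edges.values() for t in targets}
    return sorted(n for n in nodes - {protected}
                  if protected in blast_radius(edges, n))


def without_edge(edges, src, dst):
    """Copy of the graph with one dependency removed (e.g. a changed backup address)."""
    return {k: [t for t in v if not (k == src and t == dst)]
            for k, v in edges.items()}


if __name__ == "__main__":
    for target, path in blast_radius(RECOVERY_EDGES, "icloud").items():
        print(f"{target}: {' -> '.join(path)}")
    hardened = without_edge(RECOVERY_EDGES, "icloud", "gmail")
    print("after changing Gmail's backup address:",
          sorted(blast_radius(hardened, "icloud")))
```

Removing the iCloud-to-Gmail edge leaves only the devices within reach of a compromised iCloud account, which shows why the backup address, not the Twitter password, was the dependency that mattered.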

User data published after Gawker server break-in

Blog operator Gawker Media has asked the users of the Gizmodo, Gawker, Deadspin, Kotaku, Jezebel, IO9, Jalopnik and Lifehacker blogs to change their passwords. The reason for the request was that the company’s servers were hacked by a group called “Gnosis”, who copied and published sensitive company data, as well as users’ account details, to an online torrent web site.
