Hackers Spread Fake News on Twitter

It's Episode 6 of the Myki Security Report, and here are the top stories of the week:

  • Hackers are taking over verified twitter accounts to spread fake news.
  • Chinese apple employees might have sold your data.

Hackers are taking over verified twitter accounts to spread fake news:

You’ve probably noticed that social media services like Facebook, Twitter, and Instagram, offer a blue tick for verified accounts of public figures like celebrities or influencers. Verified Accounts are supposed to let you know what Twitter accounts are authentic and which ones are fake.

Researchers have uncovered a new, cunning attack technique that is being used by hackers to take over verified Twitter accounts and rename them to influential people in order to spread fake news to their millions of followers. Its called the DoubleSwitch and the attack begins with a simple account takeover using malware or a phishing attacks.

Its called the DoubleSwitch and the attack begins with a simple account takeover.

The hackers change the username and display name and profile picture to that of someone with a large influence on social media making it look like another person’s account.

This attack was actually discovered when two journalists, one of which is also a member of Venezuela's parliament, were hacked and then renamed.

How does it work? The hacker will hack into the verified account of journalist Bill O’Reilly with twitter handle @billoreilly for example, and change the password, associated email id, and the username into @realdonald_trump and associate their own email address to it. This means, every time the victim tries to recover the account using the password reset option, the confirmation email will be sent to the hacker, making it almost impossible for the victim to recover their account.

Now, the hacker holds a verified account in the name of @realdonald_trump and can feed fake news to thousands of followers - and many of them will believe without realizing the account is hijacked and the tweets from it are fake.

Now, the hacker holds a verified account in the name of @realdonald_trump and can feed fake news to thousands of followers.

The Worst Part: The hacker can now create a new Twitter account with the original username @billoreilly of the profile he hacked - which will be available, as once a Twitter account is deactivated by changing it to @realdonald_trump the handle for that account is freed for others to use.

How do I recover my account? Twitter offers an alternative online form, to report account hacking incidents directly to the Twitter team, which then they review and investigate the issue accordingly to help victims recover their accounts.

Using this method, digital rights agency Access Now helped the journalists regain access to their accounts, but by the time they regained access, some of the original account holder’s tweets were deleted, and the accounts were used to spread the fake news about events in Venezuela, confusing followers and damaging their reputations in the process.

Access Now says the attack can be conducted over Facebook and Instagram as well, but users can protect themselves by enabling two-factor authentication feature offered by the services.

Users can protect themselves by enabling two-factor authentication feature offered by the services.

Two-factor authentication is a one-time passcode (OTP) sent to the user's mobile phone — by SMS which has to be inputted in addition to the password to be logged in, which makes it much harder for hackers to compromise an account in the first place.

Chinese apple employees might have sold your data:

Chinese authorities have announced the arrest of around 22 people working as Apple distributors in a $7 million operation. They stole customers’ personal information from an internal Apple database and illegally sold it to Chinese black market vendors.

They stole customers’ personal information from an internal Apple database and illegally sold it to Chinese black market vendors.

These employees had access to Apple databases and they allegedly used their company's internal computer system to gather data which includes: usernames, email addresses, phone numbers, and Apple IDs and then sold it in the underground market for between ($1.47) and ($11.78) per data point.

Could you be affected? So far, the network has made a total of around $7.36 million. However, it is unclear if the data sold by the suspects belonged to only Chinese Apple users or global users as well.

Details about the arrest have not been revealed by the Chinese authorities at the moment, though the police statement suggests the Chinese authorities across four provinces arrested the suspects over the weekend, following a few months of investigation.

The authorities dismantled their online network and seized all "criminal tools," and announced that the suspects have been "detained on suspicion of infringing individuals’ privacy and illegally obtaining their digital personal information."

The authorities announced that the suspects have been "detained on suspicion of infringing individuals’ privacy and illegally obtaining their digital personal information."

Your personal data is profitable both for marketing companies to deliver targeted advertisements to you, and for hackers to carry out malicious hacking campaigns, including phishing attacks and other email scams.

Police are trying to capture and destroy the scammers' network, but users are advised to be vigilant while opening attachments in emails, clicking links in messages from unknown numbers and giving out any details on phone calls.


Check out some of our previous episodes here:
Can Governments Force You To Unlock Your Smartphone? Was British Airways Hacked? Zomato Gets Hacked! Google Docs Phishing Attack

Subscribe to our YouTube Channel for more videos!

Download the Myki Password Manager & Authenticator on Android and iPhone

The Myki Security Report is brought to you by the Myki Password Manager Team.