Facebook’s Unhackable Twitter and Instagram Accounts Hacked

Facebook’s official Twitter and Instagram accounts were hacked on 7 February 2020 by the same group that hacked ESPN and NFL’s official social media accounts, including almost half of the team’s social media accounts in the National Football League. Let’s see why this happened and what was Facebook’s stance on this.

Who Hacked Facebook’s accounts and why

A group named “OurMine” is a cybersecurity group who claim to be white hat hackers. This means that they have no malicious intent of stealing your data and work to secure vulnerabilities found online.

OurMine is an elite hacker group known for many hacks showing vulnerabilities in major systems.

OurMine claims to be a group of white hat hackers, which many disagree with

They aren’t considered white hat because of their marketing strategy, but it is a good way to market their skills (not that we support this) because it turns out that doing this gets them more attention and they don’t even have to pay for this marketing. They hacked these accounts to show how anyone’s account can be taken over.

If the official accounts of Facebook itself can be hacked, imagine how easy it would be to hack social media accounts run by you

OurMine Hacking and Way Forward

After hacking the official accounts of Facebook, they started marketing, and the internet went nuts. A brief war between Facebook and OurMine started as the hackers posted some stuff showing that they hacked the social media account, and Facebook kept deleting their tweets. Have a look at it yourself:

It was fun watching this battle between Facebook and hackers where hackers keep posting tweets and Facebook keeps deleting them pic.twitter.com/c7APEJn38I

— Jane Manchun Wong (@wongmjane) February 8, 2020

Facebook vs OurMine (The hackers)

Here are the posts and accounts that were hacked. The posts have been deleted but the damage has been done and is clearly visible

Facebook Twitter handle was compromised by a hacking group known as OurMine

A similar situation took place when the NFL team’s and player’s accounts were hacked. They were advertising themselves and claimed that everything is hackable. They also announced that they are back. NFL stated this after the incident:

On Monday, the NFL Cybersecurity department became aware of a breach of a league-related social media account. Targeted breaches and additional failed attempts were discovered across the league and team accounts. The NFL took immediate action and directed the teams to secure their social media accounts and prevent further unauthorized access. Simultaneously, the league alerted the social media platform providers and, with their assistance, secured all league and club accounts. We continue to work diligently with the teams, which have resumed normal operations.
The NFL and teams are cooperating with its social media platform providers and law enforcement.

NFL Compromised twitter account was the act of same hacking group which hacked Facebook Insta and Twitter accounts

How OurMine Hack all these accounts

Even though OurMine claims to have hacked Facebook, Twitter, and Instagram, actually, they hacked a third-party app. As you might have noticed that most of the posts on these accounts by OurMine were sent via Khoros. Khoros is an application that lets people handle their accounts. Twitter confirmed that this hacking fiesta was due to a third-party app; they did not name any, although it was clearly Khoros.

As soon as we were made aware of the issue, we locked the compromised accounts and are working closely with our partners at Facebook to restore them,

Twitter Statement on the Facebook account hack

Khoros is mainly used for handling business accounts that require marketing and analytical operations at a very larger scale. These accounts on Khoros have their login details and/or API based access, and this is probably the way OurMine gained access to these accounts. Khoros has not given any statement regarding the hacking fiasco and is still silent on the issue.

Conclusion

All these compromised accounts were most probably because of the app Khoros, but the hackers kept claiming that Facebook, Twitter, and Instagram are Hackable. Facebook accounts being compromised or data being leaked/stolen is not a new story, so could it mean the starting of something bad or perhaps this was all just a publicity stunt of OurMine that will fade away with time. Only time will tell but for now it surely does put Facebook and OurMine in the lime light. Whatever the situation is, you should always keep your Social Media Accounts Secured and Hack Free.