Followers of popular technology weblog Gizmodo have been faced with some very offensive tweets coming from the site’s Twitter account on Friday.
Many have accurately surmised that the account has been hijacked, and Gizmodo immediately started an investigation into how it happened.
First, they believed that former employee Mat Honan was responsible for the tweets, as the messages seemed to be coming from his Twitter account, which was liked with Gizmodo’s.
And they were partially right: the tweets were coming from there, but were not written by Honan. As it turns out, his Twitter account has also been compromised by the same attackers.
They call themselves “Clan VV3” and have, in the past, hijacked a number of high-profile Twitter and YouTube accounts.
Gizmodo has, fortunately, managed to regain control of their own Twitter account very soon and has already deleted the offending messages, but Honan hasn’t been so lucky: his Twitter account has been suspended for much longer, his Gmail account deleted, his iPhone, iPad and Macbook wiped clean.
As it turns out, the hackers managed to get access to his iCloud account and from there to his Gmail and Twitter accounts. He initially thought that the hackers managed to brute-force their way into iCloud, but has since discovered that wasn’t the case.
“Confirmed with both the hacker and Apple. It wasn’t password related. They got in via Apple tech support and some clever social engineering that let them bypass security questions. Apple has my Macbook and is trying to recover the data. I’m back in all my accounts that I know I was locked out of,” he wrote on his blog.
While he obviously couldn’t have prevented the iCloud compromise, he admits that the Google account is another matter, as he hasn’t set up two-factor authentication which would have prevented it being breached, and likely prevented the compromise of his Twitter account and that of Gizmodo.