A hacking group took control of around half of the NFL’s teams’ official Twitter accounts Monday, plus the @NFL account, and now they’ve shifted their focus to ESPN. OurMine, a Saudi Arabia-based hacking group, posted messages on NFL numerous team accounts Monday advertising their security services, and Tuesday saw them take the main @ESPN account and several associated accounts, including @SportsCenter and @NBAonESPN. The tweets were quickly deleted, but they were screencapped (by Tim Burke, and by AA’s Ben Koo).
Here’s a look at some of those:
This came after Monday’s activities, which saw OurMine take over 16 NFL team accounts. 15 of those were tracked by Dov Kleiman here, and the San Francisco 49ers confirmed to NBC News that they were hacked as well, but regained control before anything was posted. Their Super Bowl LIV opponents, the Kansas City Chiefs, were also amongst the teams hacked. Doha Madani of NBC News wrote that this hack appears to come from a Saudi group that was last publicly active in 2017:
Someone responded to questions from NBC News through an email account that appeared to belong to OurMine. The person said that OurMine stopped its work in 2017 “due to some issues” but that it was now back.
OurMine said it didn’t publicly take responsibility for the 49ers hack because, while it accessed the account, the platform locked it before OurMine was able to tweet. It did not say how it was able to access the various NFL accounts.
“We pick our targets randomly, and we already tried to contact them before the tweets but we didn’t receive any response yet,” the group said.
OurMine also said it believes the Chiefs will win the Super Bowl.
Well, at least they’re on the record about that. Meanwhile, the NFL provided this statement Tuesday:
On Monday, the NFL Cybersecurity department became aware of a breach of a league-related social media account. Targeted breaches and additional failed attempts were discovered across the league and team accounts. The NFL took immediate action and directed the teams to secure their social media accounts and prevent further unauthorized access. Simultaneously, the league alerted the social media platform providers and, with their assistance, secured all league and club accounts. We continue to work diligently with the teams, which have resumed normal operations.
The NFL and teams are cooperating with its social media platform providers and law enforcement.
How did this happen? Cybersecurity reporter Catalin Cimpanu of ZDNet relayed that both the NFL and ESPN hacks appear to come through a compromised third-party Khoros app:
https://twitter.com/campuscodi/status/1221964954036768768
https://twitter.com/campuscodi/status/1222257780444278787
[NBC News]
