Scriptkiddies Claim Fox News Twitter Account Hack

Tuesday, July 05, 2011



One of the Twitter accounts maintained by the Fox News organization was hijacked over the holiday weekend and used to post false messages claiming that President Barack Obama was assassinated.

The disturbing messages remained for several hours before being removed. The incident has been reported to the Secret Service and an investigation is underway.

The hack was claimed by a group calling themselves the "Scriptkiddies".

"We are looking to find information about corporations to assist with antisec [a concerted hacker attack on corporate and government security]. Fox News was selected because we figured their security would be just as much of a joke as their reporting," a purported member of the Scriptkiddies told Think Magazine.

A Fox News Twitter feed was hacked and used to publish false items that President Barack Obama had been killed.

Representatives of Fox News have requested Twitter present them with the details of the event and have asked to be provided with guidance on how to prevent further incidents.

"We will be requesting a detailed investigation from Twitter about how this occurred and measures to prevent future unauthorized access into accounts," said Jeff Misenti, Fox News Digital's vice president and general manager.

Twitter representatives released the following statement regarding the Fox News account hijacking:

While Twitter does monitor accounts for brute-force login attempts and similar methods of attack, we're unable to anticipate compromises that take place due to offsite behavior.

Generally speaking, we suggest using an e-mail address associated with your domain or, if you do not have one, using two-factor authentication or being aware of best practices around password security in order to prevent attacks.

We've heard from Fox News that they have identified the offsite vector that led to the compromise, and would encourage follow-up with them about the details of how that compromise took place.

The Scriptkiddies claim to be loosely associated with the rogue movement Anonymous who previously gained attention for DDoS attacks against PayPal, Visa, MasterCard, PostFinance Bank, Amazon, Bank of America, the U.S. Chamber of Commerce website, and for having breached the systems of security consultants HBGary Federal.

"I would consider us to be close in relation [to Anonymous], two of the members of our group were members of Anonymous... I was a member of Anonymous. We hope to be working with them soon," the alleged hacking group member said.

Anonymous last week released the "OpNewBlood Super Secret Security Handbook" (pdf) in an effort to recruit more would-be hacktivist types to further the Internet anarchy cause.

The tutorial-style guide instructs users on multiple subjects, particularly how to set up secure Internet Relay Chat (IRC) access for group discussion participation.

The publication is more evidence that hacktivist groups like Anonymous and the now supposedly defunct LulzSec are shifting tactics by moving away from conducting offensive operations themselves, and instead may be seeking to educate and enable others take up the cause.

Recently we have also seen the emergence of the Anonymous-backed School4lulz, a resource for hi-tech hooligans to learn the finer art of hacking, cross-site scripting, SQL injections, botnet herding, doxing, and tools of the trade.

Possibly Related Articles:
Twitter Headlines Obama Anonymous hackers Secret Service AntiSec Fox News Scriptkiddies
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.