OurMine: After over two years of being dormant, the Saudi threat actor group OurMine has made a return. This time, the group attacked the Twitter accounts for various NFL entities this week, leading up to the National Football League’s (NFL) biggest event, the Super Bowl. The group managed to compromise the official Twitter accounts of 15 different teams throughout the NFL, as well as the official NFL Twitter account. The group has been vocal in their past and recent attacks, claiming that they are not there to create issues but to prove to anyone how easily social media accounts can be compromised by unwanted criminals. The method used to compromise Twitter accounts has not been announced. The threat group is notorious for using old and reused passwords found in data breaches to hijack their victim’s accounts. In many cases, the same password can be used across multiple accounts.
Analyst Notes
OurMine has been dormant for over two years, and with the abrupt stop to their campaigns, it was believed the group had either disbanded or ran out of leaked account passwords to compromise. The group has always targeted high profile people and organizations that have a large fan base and a great number of followers. The group always tries to appear helpful, letting compromised accounts know if they reached out to the group, they could have full access back and OurMine would work with the victim on better security. It is unclear why the group has come back at this time, but they appear to be excited and it is likely we will see more from this group in the coming weeks. As a general rule for all accounts, good security practices include, but are not limited to, using complex passwords unique to each account, and setting up multi-factor authentication for all accounts that support it. With multi-factor authentication enabled, even if an attacker manages to steal or guess a password, there is another layer of security that is harder to defeat. Using a password manager is a great way to keep passwords organized and unique for every account. Password managers are available on laptops and smart devices that sync together to make passwords accessible anywhere. More can be read here: https://www.zdnet.com/article/hackers-hijack-twitter-accounts-for-chicago-bears-and-green-bay-packers/
