On Friday, hackers took control of the Gizmodo tech news site’s Twitter account. This is an account with half a million followers, so, as you can imagine, it is quite a horror story for the company concerned. The information required to hack into Gizmodo’s Twitter account was obtained from a former Gizmodo staff member, Mat Honan. Mr Honan didn’t give anyone the login/pass to any of his accounts linked to the Twitter account, but Apple Tech Support did!
A chain is only as strong as the weakest link
The “hacker” didn’t use brute-force password cracking or any other such tool to get into Mr Honan’s accounts. Social engineering was reportedly used to get Apple tech support to bypass the security questions. The hacker’s initial access point was Mr Honan’s iCloud account. Here’s how the events unfolded over time, quoted from Mr Honan’s Tumblr page:
- At 4:50 PM, someone got into my iCloud account, reset the password and sent the confirmation message about the reset to the trash.
- At 4:52 PM, they sent a Gmail password recovery email to the .mac account. Two minutes later, an email arrived notifying me that my Google Account password had changed.
- At 5:00 PM, they remote wiped my iPhone.
- At 5:01 PM, they remote wiped my iPad.
- At 5:05, they remote wiped my MacBook Air.
- A few minutes after that, they took over my Twitter. Because, a long time ago, I had linked my Twitter to Gizmodo’s, they were then able to gain entry to that as well.
Famous for 15 minutes
The Gizmodo Twitter account was used by the hackers, “Clan Vv3”, to post racist and offensive messages between 5.15 and 5.30 US Pacific Time. Well-connected Gizmodo and Gawker staff managed to get the account suspended in this short time thanks to a friend at Twitter.
Road to recovery
Mr Honan says Apple tech support is now working to recover the data on his wiped devices. He doesn’t have backups of a lot of the data: “Apple tells me that the remote wipe is likely irrecoverable without serious forensics. Because I’m a jerk who doesn’t back up data, I’ve lost more than a year’s worth of photos, emails, documents, and more. And, really, who knows what else.” That’s quite a lot to lose. However, there is some hope for the MacBook data, as the machine was powered down after the data deletion but before the data was written over in the remote wipe process. I think today is a good day to run a backup on my computer…