Pokémon Go CEO Twitter Account Hacked by OurMine

Pokémon Go CEO Twitter Account Hacked by OurMine

The OurMine hacking team has struck again, this time taking over the Twitter account of John Hanke, the CEO of Pokémon Go firm Niantic.

The hacking collective has made quite a name for itself in compromising social media accounts of famous businesspeople, including taking over the Twitter accounts of CEO Sundar Pichai, Facebook CEO Mark Zuckerberg and Twitter CEO Jack Dorsey. They also recently hit William Shatner, just for good measure.

The attackers used the commandeered website to tweet out that the hack was “for Brazil”—one of the countries that has yet to gain official access to the Pokémon Go internet sensation. The augmented reality game was first released in Australia and New Zealand on July 4th and was released in the United States right after—and has grown to be an obsession for millions. The game works with Google Maps, overlaying Pokemon gyms, beacons and the Pokemons themselves onto maps of neighborhoods. As users move around in the physical world, they collect and fight the Pokemon they run across.

An OurMine hacker told Forbes that while its members do not play the game, many people had requested that the group attack Hanke’s accounts. The same hacker said that they were able to get into Facebook as well, but didn’t do anything with it because the page has fewer than 1,000 followers.

“We are just trying to tell everyone that nobody is safe,” the hacker said.

And indeed, in addition to striking one for the gaming public of South America, OurMine has been styling itself as a “security firm,” so it also said that the takeover was a test of Hanke’s security, offering its services to help him upgrade.

“We have 2 reasons,” the hacker wrote. “1 – we are testing his security 2 -for brazil & argentina & chile [sic].”

The takeover would indicate that Hanke was simply using too easy a password. That was the case with the Zuck, whose hack was a result of an ill-advised decision to use “dadada” as his password, which lends itself to easy brute-forcing. In the case of Pichai, OurMine said they penetrated his account by exploiting a vulnerability in Quora’s platform.

Photo © Stoyan Yotov/Shutterstock.com

Source: Information Security Magazine