On Saturday, Ezra Klein, the Editor-in-Chief (EIC) of Vox.com had his Twitter feed turned into a promotional tool for services provided by OurMine. In recent weeks, the group has taken credit for several social media hacks, with victims that include Silicon Valley and Hollywood elites.
OurMine claims to be a security company, helping individuals and organizations secure their presence on the internet. However, they promote themselves by compromising the very social media channels they claim to protect.
In reality, most real security professionals see the group as a collective of script kiddies, using recycled passwords to access an account and claim it as an exploit or sophisticated hack.
Recent examples of the work/hacks OurMine has performed include the Twitter and Quora accounts Sundar Pichai, the CEO of Google, the Twitter account belonging to Mark Zuckerberg and the one used by his sister Randi, as well as accounts ran by YouTube star Markiplier, and actor Channing Tatum.
Since June, OurMine has targeted Food Network star Ree Drummond, AOL Co-Founder Steve Case, Spotify Founder Daniel Ek, Vox Media staffer Matthew Yglesias, Amazon CTO Werner Vogels, Upfront Ventures' Mark Suster, technologist Anil Dash, Uber CEO Travis Kalanick, and Sound Cloud founder Eric Wahlforss.
In each case, most experts have speculated that OurMine used recycled credentials, collected via recently leaked account lists such as those from MySpace, LinkedIn, and Tumblr, to pull off their "testing".
OurMine actually promotes these public tests on their website, where they offer security scanning of social media accounts for $30, while a full website scan can run from $150 to $5,000. Oddly, they collect payment via PayPal, which usually frowns on criminal activities.
Saturday's attack against Vox Media's EIC is just the latest example of the fallout stemming from this summer's massive leak of social media credentials. While it isn't clear if his credentials on Twitter were recycled, it fits the profile of the other incidents.
The real concern is that if his Twitter accounts were recycled and discovered on one of the larger lists of leaked accounts, that could lead to a CMS compromise at Vox.
At the time this post was written, Ezra Klein's Twitter account was still compromised.