Daniel Ek, the CEO and founder of Spotify is the recent victim in the series of cyberattacks being carried out on high-profile Twitter accounts. On Thursday morning, hackers got access to his Twitter account and posted the message below from his account:
The group behind this hack is OurMine, a three-person hacking team who is also responsible for breaking into the social media accounts of Facebook CEO Mark Zuckerberg, Channing Tatum, YouTubers Pewdiepie and Markiplier, Deadmau5, David Guetta, and former Twitter CEOs Dick Costolo and Ev Williams. In private messages send to Mic, OurMine told that when it first started hacking accounts, it would enter, remove private data and store information. Now, in order to promote security and its own service, it has rebranded as a “security group,” claiming to only hack people by leaving behind a kind public message boosting people to “upgrade” or ask it for help. The OurMine team set up a site where you can pay them to “scan” your website, personal account, or even the entire corporation for security vulnerabilities. https://twitter.com/notch/status/731962037471985664 Not everyone takes OurMine’s slang in good faith. When the group informed Deadmau5 that it was available to help him with his personal security, he told them, “I don’t give a f***,” and said the team could “go f***** crazy” if they wanted:
— Jack Goff (@OGsnapshotchris) May 23, 2016 The IP addresses used by the OurMine group were traced to Saudi Arabia by one hacker. Since, the OurMine team is routing their traffic through a system called a VPN (Virtual Private Network), it is difficult to find out where the hackers are coming from. While OurMine did not disclose where they are from, they however said that none of its members are from Saudi Arabia. So, how does OurMine hack these accounts? Someone in the security community doubt that OurMine is looking to bank on old password databases that have gone up for sale on dark markets, in the hope that major celebrities are included in those databases and they are still using their old passwords. On the other hand, OurMine claims that its method includes vulnerabilities in existing services used in common by those they have hacked, along with exploits that let it access the passwords celebrities have saved in their browsers. This is how they hacked Channing Tatum’s Twitter and YouTube accounts, where they left behind a link to their website. The team also left behind their theme song.
According to OurMine, when it was still a hacking team in 2014, it says that they had been approached by an Atlanta-based songwriter Lindee Link who wanted to make a theme song for their group. The group says it paid her $1,000 for a cover of Ariana Grande’s “One Last Time” with the words changed to be information security-themed. Since then, wherever it goes they leave the song behind. However, Link could not be reached for comment. Hacking group such as the Anonymous who use temporary principles to explain their hacks, in case of OurMine, it is forthright: It just wants people to use better security and occasionally pay them. If one has to go by what OurMine team has to say, the group has already made $16,500 by selling its services.