Almost five years have passed since the Robin Hoods of cyberspace appeared. A group of hackers calling themselves OurMine arrived in July 2015 with the purported mission of educating users and educating them on how to protect themselves online. However, this favor has cost very expensive to large international companies that have been involved in the dilemma of access or not to blackmail millionaires in which, even without giving in, they suffered great robberies whose value was supposedly “to the poor”.
Then, after several cyberattacks, on January 27 of this year he announces his return with a series of attacks on the NFL Twitter accounts and his teams, just when they are focused on their training. Among the affected franchises are San Francisco 49ers and Kansas City Chiefs, teams that dispute the Super Bowl LIV title.
In addition to the tweets, since Sunday the 26th the accounts presented unusual changes such as the deletion of their photos.
The victims of this hacking group have received various cyber attacks, from DDoS to the hacking of their social media accounts. In this way they have achieved what many consider to be their real mission: to capture world attention and be recognized as a group of hackers who must be taken seriously.
These types of cyberattacks damage the image and reputation of companies, as they have sometimes had to resort to extortion in order to regain control of their accounts. In addition, it becomes the gateway to commit user and customer data leaks, or to obtain information with which they may violate websites or databases.
In this context, we tell you about some of the most notorious cases in which OurMine got away with attacking the social networks of different personalities and multinational companies:
In June 2016, El País reported how the founder of one of the most important technology companies in recent years has violated the security of his Twitter and Pinterest accounts. Hackers took advantage of the fact that Zuckerberg made one of the worst mistakes on the Internet: using the same password.
Once they obtained their LinkedIn credentials during a robbery in 2012, they gained control of their other social networks a few years later. “Hi Mark Zuckerberg, you were in the LinkedIn database. Send a private message to try it out,” the hackers tweeted from the Twitter account and on Pinterest changed the name to “Hacked By OurMine Team”.
In December 2016, the Netflix account in the United States was also hacked, the group of cybercriminals published several tweets with a mocking tone. “World security sucks. We’re here to prove it,” read one of the messages that lasted no more than 10 minutes online. According to Reuters, OurMine confirmed their responsibility for the hack via email.
Marvel and its characters
Also in late 2016, the comic publisher’s Twitter account, along with those of The Avengers, Ant Man, Captain America, Tony Stark and an unverified account of the Incredible Man, were the targets of more attacks. Again he just left the message “Hello, we are OurMine. Don’t worry, we are just testing your security.”
The hacking group told CNET that they hacked into the Marvel account “by going directly to their Twitter account and then entering superhero accounts through the Tweetdeck platform.”
On the same dates, OurMine intervened the Twitter account of the National Football League for 15 minutes, during which time it published a single tweet “Hello, it is OurMine, don’t worry, we are just testing your security, contact us to tell you more about it, “minutes later it was deleted. Both the social network and the NFL declined to comment on it.
In August 2017, the Japanese video game company went through a moment of great tension when the group of hackers managed to access their Twitter account through the social media management tool Sprout Social.
This infiltration seemed to be the start of a cyberattack that would get them in serious trouble, as OurMine stated its intention to leak the PlayStation Network database; however, moments later they ruled out the possibility, since they assured that they were only looking to explain the security breaches they found.
In August 2017, the famous Spanish soccer club lost control of its Twitter account. Two tweets were published by the group of hackers, the first confirmed the integration of Argentine soccer player Ángel Di María to the team; However, the second claimed that it was false information, so they invited those responsible for the account to contact them to “reach an agreement.” The tweets were removed and the situation was not heard from again.
After reading these cases, it is interesting to imagine how you or your company is exposed to cyber attacks if these large corporations, which surely do not lack a budget to invest in cyber protection, were victims of hackers who demonstrated that without major problems they attack whoever propose it. The millionaire losses and blackmails have never been transparent, the only thing that is clear to us is that OurMine did not arrive to become a philanthropic group of cybersecurity.