Hackers supporting ISIS have recently been spreading terrorist propaganda on social media by hijacking old, largely abandoned Twitter accounts that were never confirmed via email by their rightful owners, TechCrunch reported on Wednesday.
Generally, the impacted accounts were inactive for long periods of time before they were taken over. Reportedly, many were compromised over the last few days and weeks, while some others have been affected for longer periods of time.
The problem is that some Twitter accounts were created using email addresses that either never truly existed or expired. This allows hackers to commandeer the account by actually creating or recreating the email address that was used to open it in the first place. "This issue has been around for a while but no one really knew and took advantage of it," said hacker, security researcher and ISIS watchdog WauchulaGhost, TechCrunch reported.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.