Latest in Gear

Image credit:

OurMine 'hackers' are targeting news sites now

TechCrunch fell foul of an account takeover.
715 Shares
Share
Tweet
Share

Sponsored Links

OurMine has been making quite a name for itself this summer, pulling off account takeovers of several high-profile targets. Celebrities have, for the most part, been the target, with the most recent attacks being on Sony's Shuhei Yoshida and Star Trek actor William Shatner. But today, OurMine gained access to the backend of Engadget's sister news site TechCrunch, marking a significant change in target.

OurMine considers itself an "elite" and "professional" hacker group, and aims to make money by charging companies and individuals to discover vulnerabilities in their account. We wrote extensively about its attempts to essentially extort companies last week, targeting high-profile accounts in order to promote its paid services.

Yet again, rather than being a bonafide hack, this seems to be a relatively simple case of gaining access via poor password practices. The group appears to have entered the site's CMS (content management system) via a writer's account. It's likely, although not sure, that the account in question used the same password across multiple services. OurMine published an article under the writer's name, put banners at the top of the site, and, as is par for course for the group, encouraged the owner of the account to write in to retrieve their accounts.

Because of the limited nature of the "hack," TechCrunch was able to quickly roll back the changes OurMine made to its site. The erroneous post was deleted within minutes, and the banners and other accoutrements added to its homepage were removed soon after. While TechCrunch says it's still looking into exactly what happened, it seems the situation is under control for now.

Update: TechCrunch has published a post-mortem on the attack, including the following statement:

"An unauthorized individual compromised the WordPress account of one of our TechCrunch writers and used the account to post a story. This was an isolated instance and we have secured the account. There was no risk posed to our readers or their data."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
715 Shares
Share
Tweet
Share

Popular on Engadget

‘Harry Potter: Wizards Unite’ gathered location data while users slept

‘Harry Potter: Wizards Unite’ gathered location data while users slept

View
Yahoo is shutting down its Groups website and deleting all content

Yahoo is shutting down its Groups website and deleting all content

View
Google discontinues Clips, the AI-powered camera you forgot about

Google discontinues Clips, the AI-powered camera you forgot about

View
Netflix grows to 158 million subscribers as Disney+ looms

Netflix grows to 158 million subscribers as Disney+ looms

View
Virgin Galactic passengers will wear these Under Armour spacesuits

Virgin Galactic passengers will wear these Under Armour spacesuits

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr