The official accounts of Facebook on Twitter and Instagram have been temporarily taken over and subsequently made illegible by a group of hackers known as OurMine.
Confirmed if hacked were:
- Facebook’s Twitter account (source)
- Facebook’s Instragram account (source)
- Twitter account of Facebook Messenger (source)
- Instagram account of Facebook Messenger (source)
All hacked accounts have now been restored to Facebook and the defacement items have been removed.
The attack was carried out by OurMine, the same hacker group that defaced Twitter, Instagram and Facebook accounts for the NFL, 15 NFL teams and sports TV station ESPN last week. The hacks took place before the Super Bowl, to earn the reputation of the group and media attention.
At the time, ZDNet reported that the unauthorized tweets on the Twitter timelines of NFL and its teams were posted via an app called Khoros, an app commonly used by digital marketing and public relations departments.
According to screenshots made by users today, the defacement tweets posted to Facebook’s Twitter accounts were posted via the same Khoros app.
Last week, a Khoros spokesperson told ZDNet that their platform had not been compromised during the NFL account defacements. In a statement, the NFL confirmed this addition that it detected individual attacks on all social media accounts of its teams.
The OurMine crew has a long history of breaking through high-profile social media accounts. The group enjoys media attention, which has always been their primary driver for these defacements. The list of hacks from the past contains celebrities such as:
- BuzzFeed (website defacement)
- TechCrunch (website defacement)
- Variety (website defacement)
- BBC (Twitter account)
- Play Station Network (Twitter account)
- Netflix (Twitter account)
- Marvel Studios (Twitter account)
- WWE (Twitter account)
- Game of Thrones (Twitter account)
- FC Barcelona (Twitter account)
- Real Madrid (Twitter and YouTube accounts)
- CNN (multiple Facebook accounts)
- New York Times (Twitter account)
- WikiLeaks (DNS hijacking, website defacement)
- Mark Zuckerberg (Facebook CEO, they hacked his Pinterest and Twitter profile)
- Dick Costolo (former CEO of Twitter, they hacked his Pinterest account and placed it on his Twitter account)
- Jack Dorsey (Twitter CEO, they hacked his Vine account and placed it on his Twitter account)
- Sundar Pichai (Google CEO, they hacked his Quora account and posted it to his Twitter profile)
- John Hanke (CEO of Niantic, they hacked his Quora account and placed it on his Twitter profile)
- Zach Klein (CEO of Vimeo, they hacked his Quora account and placed it on his Twitter profile)
- Ev Williams (co-founder of Twitter, Blogger and Medium, they hacked his Twitter account)
- Marissa Mayer (Yahoo CEO, they hacked her Twitter account)
- Jimmy Wales (former Wikipedia CEO, they hacked his Twitter account)
- Daniel Ek (CEO of Spotify, they hacked his Twitter account)
- Brendan Iribe (CEO of Oculus Rift, they hacked his Twitter account)
- Adam Mosseri (Facebook VP, they hacked his Twitter account)
- Deadmau5 (music DJ, Twitter account)
- David Guetta (music DJ, Twitter account)
- Channing Tatum (actor, Twitter account)
- Drake (music artist, Twitter account)
- … and many other celebrities such as Lana Del Rey, Pewdiepie, Alexa Losey, Kylie Jenner and many YouTube stars.