Hackers are now targeting the Twitter accounts of human rights activists and journalists in an attempt to spread fake news in a new social media attack. The attack, dubbed "DoubleSwitch" has been observed in Venezuela, Bahrain and Myanmar so far.
According to digital rights group Access Now, hackers take over the account of an unsuspecting victim and switch out the password and linked email address to lock out the legitimate user.
Hackers use various methods to gain access to their victims' Twitter accounts, which are often 'verified' and have large followings, such as through phishing attacks.
The attackers then change the accounts' usernames, freeing them up to be used again, and then create a brand new account using the original username.
The hackers also link both accounts to a new email address so they receive any emails regarding the victim's fervent attempts to recover their accounts.
"When these victims attempted to recover their accounts, Twitter's confirmation emails went to the hijackers, who pretended that the issue had been resolved," the group said. "The hijackers then proceeded to delete one of the original accounts, making it even harder for the victim to recover it."
The Twitter accounts of Miguel Pizarro - a member of Venezuela's parliament - and journalist Milagros Socorro were both hijacked using this new attack method.
Although they were able to eventually recover their accounts, hackers had already exploited their compromised accounts to spread fake news, delete past tweets and harm their reputation.
Fake news is already shaking up Venezuela amid the political unrest and ongoing clashes between protesters and police as the Latin American country's government expands online surveillance and increasingly censors its internet and media.
"There are serious consequences to this form of attack," Access Now said. "Victims like Socorro and Pizarro lose time from their human rights work or journalism and the ability to communicate with their followers. The hijacker can exploit and abuse a victim's reach and influence, damaging their reputations.
"Some victims may never recover the initial account, and even when they can, they must spend significant time and effort to do so."
Access Now warns that Doubleswitch attacks can be carried out on other social media platforms such as Facebook and Instagram. However, users can protect themselves by enabling two-factor authentication.
"We recognise the risk of malicious actors seeking to mislead people," a Facebook spokesperson told Mashable in a statement.
"For our part, we are taking a multifaceted approach to help mitigate these risks, such as building a combination of automated and manual systems to block accounts used for fraudulent purposes, and we continue to encourage people to use two-factor authentication.
"As Access states, two-factor (multi-factor) authentication is an important security feature that Facebook offers to people that makes it much harder for an account to be compromised in the first place."
No comments:
Post a Comment