Social media networks are no doubt a quick and powerful way to share information and ideas, but not everything shared on Facebook or Twitter is true.
Misinformation, or "Fake News," has emerged as a major issue for social media platforms, as it is used to influence millions of people with propaganda and falsehoods.
In past years, we have seen how political parties and other groups have used spoofed social media profiles of influencers or leaders to spread misinformation, and most of the time such techniques work, successfully convincing people that the information is true.
Although social media services like Facebook, Twitter, and Google offer account verification (verified accounts with a blue tick) for public figures, we have seen hackers hijack verified accounts to spread fake news from a legitimate account to its millions of followers.
Now, researchers have uncovered a new, cunning attack technique currently being used by hackers to take over verified Twitter accounts and rename them after influential people in order to spread fake news.
Dubbed DoubleSwitch, the attack begins with a simple account takeover, but then the hackers change the username and display name to those of someone with a large influence on social media.
According to a new report from the digital rights group Access Now, hackers are targeting the Twitter accounts of journalists, activists, and human rights defenders in Venezuela, Bahrain, and Myanmar, some of them verified and with a large number of followers.
This attack was discovered when two journalists, Milagros Socorro and Miguel Pizarro (a member of Venezuela's parliament), were hacked and then renamed.
What's creepy? The hacker then registered new accounts, resembling their original profiles, under the original usernames (Twitter handles), but using email addresses controlled by the attacker.
This means that every time the victims try to recover their accounts using the regular password reset option, the confirmation emails are sent to the hijacker, who pretends that the issue has been resolved, making it almost impossible for the victims to recover their accounts.
The hackers then use the hijacked verified accounts, renamed after another influential figure, to feed fake news to the millions of followers of the original accounts.
While it's unclear how the hackers managed to hijack the verified users in the first place, it is believed that the attack begins with malware or phishing attacks.
How DoubleSwitch Attack Works (Illustrated Example)
To illustrate how effective the DoubleSwitch technique is, we have prepared an example below:
Let's say a hacker somehow managed to hijack The Hacker News' Twitter account (@thehackersnews), which is verified with 368,000 followers, most of them influencers in the infosec community.
And then the "DoubleSwitch" begins.
The First Switch: Once in, the hacker first changes the password and the associated email id, along with the username, let's say to @tim__cook, spoofing Apple's CEO, who is on Twitter as @tim_cook (single underscore).
Now the hacker holds a verified account with the name of Apple CEO Tim Cook and can feed misinformation to nearly 370,000 influential followers from the tech industry, many of whom will believe it without realising that the account is hijacked and the tweets from it are fake.
The Second Switch: The hacker creates a new Twitter account with the original username @thehackersnews, which will be available, as once a Twitter account is deactivated, the handle for that account is freed for others to use.
But mind it, this new Twitter account registered with our Twitter handle (@thehackersnews) will not be verified and will have zero followers.
Locking the Legitimate Account Owner Out of its Account
In order to get our account back, if we use the password reset option, Twitter will send the confirmation email only to the attacker's email id that he used to register the new account.
So any attempt by the victim to regain access to its account fails, as the attacker can simply notify Twitter that the issue has been resolved, locking out the legitimate account holder.
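As an added example (not from the Access Now report or from The Hacker News), the following Python sketches how a defender watching a set of accounts could spot both switches from periodic profile snapshots: key the records on the platform's stable account id rather than the mutable handle, flag a handle change on a known id, flag a known handle reappearing under a different id, and flag a verified account moving onto a lookalike of a protected handle such as @tim__cook versus @tim_cook. The Snapshot record, the account ids and the two sample rounds are constructed for this example and do not reflect any real API.

```python
from dataclasses import dataclass

# Constructed record: the handle is the mutable field the attack swaps;
# account_id stands in for the platform's stable numeric user id.
@dataclass(frozen=True)
class Snapshot:
    account_id: str
    handle: str        # @username without the '@'
    display_name: str
    verified: bool

def lookalike(handle: str, target: str) -> bool:
    """True if handle differs from target only by underscores or trailing digits."""
    def fold(s: str) -> str:
        return s.lower().replace("_", "").rstrip("0123456789")
    return handle.lower() != target.lower() and fold(handle) == fold(target)

def detect_double_switch(before, after, protected_handles):
    """Diff two snapshot rounds keyed on account_id and return alert strings.

    HANDLE_CHANGED    a known account_id now carries a different handle (first switch)
    LOOKALIKE         the new handle of a verified account resembles a protected one
    HANDLE_REASSIGNED a handle seen before is now held by another account_id (second switch)
    """
    id_before = {s.account_id: s for s in before}
    handle_before = {s.handle.lower(): s.account_id for s in before}
    alerts = []
    for s in after:
        prev = id_before.get(s.account_id)
        if prev and prev.handle.lower() != s.handle.lower():
            alerts.append(f"HANDLE_CHANGED {s.account_id} @{prev.handle} -> @{s.handle}")
            if s.verified:
                alerts += [f"LOOKALIKE {s.account_id} @{s.handle} ~ @{p}"
                           for p in protected_handles if lookalike(s.handle, p)]
        owner = handle_before.get(s.handle.lower())
        if owner and owner != s.account_id:
            alerts.append(f"HANDLE_REASSIGNED @{s.handle} {owner} -> {s.account_id}")
    return alerts

# Constructed sample rounds: the legitimate state, then the state after both switches.
ROUND_1 = [Snapshot("id-1001", "thehackersnews", "The Hacker News", True),
           Snapshot("id-2002", "tim_cook", "Tim Cook", True)]
ROUND_2 = [Snapshot("id-1001", "tim__cook", "Tim Cook", True),               # first switch
           Snapshot("id-2002", "tim_cook", "Tim Cook", True),
           Snapshot("id-9999", "thehackersnews", "The Hacker News", False)]  # second switch

if __name__ == "__main__":
    for alert in detect_double_switch(ROUND_1, ROUND_2, ["tim_cook"]):
        print(alert)
```

The same id-versus-handle distinction is why a recovery flow should confirm ownership against the account id that held the handle before the rename, not against whoever holds the handle now.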
Fortunately, Twitter also offers an alternative way, an online form, to report account hacking incidents directly to the Twitter team, which then reviews and investigates the issue accordingly to help victims recover their accounts.
Using this method, Access Now helped the journalists regain access to their accounts, but by the time they regained access, some of the original account holders' tweets had been deleted, and the accounts had been used to spread fake news about events in Venezuela, confusing followers and damaging their reputations in the process.
Access Now says the attack can be conducted over Facebook and Instagram as well, but users can protect themselves by enabling the two-factor authentication feature offered by the services.
Two-factor authentication uses two different methods in an attempt to verify a user's identity, a password and a one-time passcode (OTP) sent to the user's mobile phone, which makes it much harder for hackers to compromise an account in the first place.
However, two-factor verification is not an actual solution for the journalists, activists and human rights defenders in countries like Venezuela, as they do not associate personally identifiable information like phone numbers with their online accounts for fear of being spied on.