OurMine is a hacking collective that is scaring IT giants, the list of victims is very long and include names like Mark Zuckerberg, Twitter co-founder Evan Williams, David Guetta Daniel Ek, former Twitter CEO Dick Costolo, the CEO and founder of Spotify, and many others.
The last victim in order of time is the CEO of Google, Suchar Pichai, members of the OurMine group have hacked his Quora account that was also linked to his Twitter accounts. The hackers have been posting messages on through the Pichai’s Quora account and shared them also with all the 508,000 Twitter followers.
Twitter promptly removed the messages, but it is easy to find them online, below a picture shared by Techworm.net.
As already occurred for other victims, it is likely that OurMine hackers have used data coming from other data breaches, but the hacking crew claims that it have used the exploits in their arsenal in order to obtain the login credentials of its illustrious victims.
Which is the motivation?
It seems that the OurMine group is linked to a Security Firm that is trying to obtain notoriety from the attacks and is offering its services to the targets, that evidently need them to avoid further incidents.
One of the messages posted by the group states:
“We are just testing people security (sic), we never change their passwords, we did it because there is other hackers can hack them and change everything.”
The OurMine group explained that it gained access to Pichai’s account by exploiting a security issue in Quora’s platform, the team also explained that it reported the flaw to the company that ignored its warning.
Quora’s users are advised, I strongly suggest you to avoid sharing same login credentials among several web services.
(Security Affairs – Sundar Pichai, OurMine Team)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.