Social media is now more of a necessity in every person’s day to day life. More than that, it has become a hacking hub for all the cyber criminals across the globe. Phishing, account hacks, and other cyber crimes have thwarted the history of social media. From leaking financial details to hacking celeb accounts, hackers have had success in almost every aspect of hacking social media.
With the rise of ethical hacking, social media is becoming a lot more safer for every user. Hackers now find it difficult to breach past the excellence of ethical hackers. However, hackers still find a way to tear apart all cyber security threats and fool users to fall into their trap. The only way how that can be avoided is by making more and more people of how hackers go on with their targets.
Indian Cyber Army (ICA) attempts in every possible way to spread cyber crime & safety awareness. To continue with that attempt, we have tried to bring you a list of 12 of the worst Social media cyber attacks internet has ever witnessed.
1. Sending Malwares via fake profiles.
Back in July 2017, hackers created a fake profile of a London-based photographer called Mia Ash and started sending out malwares to corporate employees, hoping to breach the cyber security threads of their organisation. The hackers ended up disseminating a Remote Access Trojan called the PupyRAT. The profile they had hacked into had followers across many Social media platforms.
2. Hacking through third party apps.
In early 2017, precisely in the month of March, hackers pounced on a loophole in a third party app called TwitterCounter and allowed themselves to hack a number of high profile Turkish twitter handles. The hijack was carried out when the relationship between The Netherlands and Turkey were not very good and key elections were slated soon in both the countries. The hacked twitter handles included names like Forbes, Starbucks, Nike, UNICEF, and a few more.
3. Adult Friend Finder.
In October 2016, 412.2 million accounts of the FriendFinder network from six databases were hacked. The hacked accounts included profiles from websites like penthouse.com, cams.com, I cams,com, and stripshow.com. They collected names, email addresses, and passwords that were protected only by the feeble SHA-1 Hashing Algorithm. 99% of the accounts were hacked even before Leakedsource.com could publish its analysis of the hacked data on November 14.
4. eBay data breached.
This is a bit old now but had a severe impact as around 145 million users had to compromise their names, addresses, dates of birth, and encrypted passwords. The cyber attack dates back to May 2014. In their statement eBay had stated that hackers hacked through the credentials of 3 of its corporate employees. Hackers had an inside access of eBay for a duration of 229 days. However, financial information was saved separately on another database and thus was not compromised.
5. US Government Employees Spearphished.
During the start of 2017, Russian operatives were able to phish around 10,000 US Government employees. They had sent phishing messages through social media and that contained malwares capable of handling the Russian operatives access of the victim’s device. In the cyber war between US and Russia, this is supposed to be till date the biggest major win for Russia.
6. HAMMERTOSS attack.
In July 2015, hackers had successfully managed to control social media accounts through the HAMMERTOSS malware. The malware automatically searched for commands posted on social media that allowed the hackers to control it via social media itself. The hackers behind this genius breakthrough had also carried out attacks against the White House, the Joint Chiefs of Staff, the State Department and other nation-state governments, such as Norway. The far fetched impact of this cyber attack clearly indicates why it is necessary for organisations like the Indian Cyber Army to come up and create few cyber security threads to help protect the privacy of every single internet user.
7. Financial Details leak.
The ultimate motto of almost every crime is money and hacking and other cyber crimes are no different. There are a number of ways hackers have formulated to get a person’s financial details through social media. Through links that look similar to any official bank’s website, scammers trap users to give in their financial details. Indian Cyber Army (ICA) tries its best to make more and more people aware of the consequences of these sorts of malicious links. It welcomes people to dial up its cyber crime helpline number to cross check the authenticity of any website they wish to visit.
8. LinkedIn Hacked.
This is one of the biggest let downs for all the cyber security systems prevailing online. World’s leading job portal, LinkedIn, was successfully hacked to leave the credentials of around 117 million users exposed. This is supposed to be one of the biggest data breaches till date though it took place back in 2012. The stolen credentials were sold on dark web as was found out later.
9. Social Accounts of the Associated Press hacked.
The power of media needs no introduction. It won’t be an overstatement to say media houses can control the world if properly used. Hackers had got access of accounts of the Associate Press and started posting out fake breaking news. One of the fake breaking news they had posted was that there was a bomb blast in the White House. The channel hacked had dropped 150 points, approximately worth $136 billion, before it could recover the hacked accounts.
10. 3.12TB Data got Exfiltrated after Vevo got hacked.
Hackers had managed to get hold of Vevo’s internal and confidential data after one of its employees fell prey to phishing via LinkedIn during September 2017. One of the leading stream providers, Vevo, had to suffer a massive loss due to the breakthrough and it took them quite a while to trace the trespass and cut it down. LinkedIn allows scammers to send messages on the pretext of recruitment which makes the scammers texts look much more authentic and realistic.
11. Brand Accounts compromised for Spending Phishing messages.
If you find the sender of a message to be some authentic and original brand name, it is least likely for you to consider the message a spam. Hackers had successfully managed to get hold on accounts of many big brand names. They used it for sending out phishing messages. The biggest of such cases took place in Australia where hackers hacked into a Bank’s official social media account and kept asking users to disclose financial details. The scam that took place in September 2011 continued for a long time as the bank wasn’t even aware that a hijack has occurred.
12. Enigma’s Slack community channel and website hacked.
Over half a million dollar was stolen after Enigma’s social community channel called Slack was hijacked along with its website. Enigma was serving as a startup exchange platform for the cryptocurrency Ethereum. Attackers created fake profiles of the executives of the company and asked users to directly send some specific amount to a given wallet address. They managed to steal Ethereum worth at least half million dollars.
Social media platforms constantly keep churning out the user guidelines to make every user’s experience scam free and safe. The guidelines are meant to be abided also though many users tend to ignore it and regret later. Social media is meant to connect only with people you may know. Every user is expected not to connect with any person or profile which they are unsure to have any connection with. Companies should even get the best possible social media security tools to help its employees stay secure on the social media.
The Indian Cyber Army (ICA) tries its best to help people stay safe on the internet. It tries to link people to all the cyber security threats that help them become more and more aware of all sorts of cyber crimes prevalent in the modern digital world. It welcomes people to dial up their cyber crime helpline number +91 99686 00000 if they feel anything they come up on the internet is not usual or may harm them.