PDA

View Full Version : U.S. military command's Twitter account hacked




Suzanimal
01-12-2015, 02:37 PM
More pics at link.


http://i.imgur.com/ZaRPLt9.png



The official Twitter account for U.S. Central Command, or CENTCOM, appears to have been hacked by someone claiming to be affiliated with Islamic State militants (also known as ISIS or ISIL).

Starting at around 12:30 p.m. Eastern time, CENTCOM’s Twitter profile picture and cover photo were changed to a black background displaying the words “CyberCaliphate” and “i love you isis” in white letters.

The hackers posted a series of menacing tweets with messages like “AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK” and “You’ll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base. With Allah’s permission we are in CENTCOM now. We won’t stop! We know everything about your wives and children. U.S. Soldiers! We’re watching you!”
In a statement to Yahoo News, a spokesperson for CENTCOM confirmed that both the agency's Twitter and YouTube accounts had been compromised.

"We are taking appropriate measures to address the matter," CENTCOM said. "We have no further information to provide at this time."

The hack took place as President Obama prepared for speech on the issue of cybersecurity. White House Press Secretary Josh Earnest urged reporters to note the "significance difference between what is a large data breach and the hacking of a Twitter account," but said that the hack "is something that we are obviously looking into and something that we take seriously."

The tweets include a photo of what looks like uniformed American soldiers at an unidentified Army base, screenshots of spreadsheets with the names and contact information of military personnel, and PowerPoint slideshows with maps of China and North Korea. While some of the documents say "For Official Use Only" in small letters, they are notably free of any classified watermarks or stamps. In fact, U.S. defense officials speaking on the condition of anonymity told Reuters that none of the information in the images posted on the CENTCOM Twitter feed appeared to be classified or pose any sort of security threat.

About 30 minutes after the first hacked @CENTCOM tweet was posted, Twitter seemed to have taken control of the account, restoring the @CENTCOM profile photo to the generic egg. A few minutes later the account had been suspended. CENTCOM's YouTube account also appeared to have been hacked and has since been deactivated.

http://news.yahoo.com/u-s--military-command-s-twitter-account-apparently-hacked-by-isis-181757697.html

Lucille
01-12-2015, 02:40 PM
http://www.ronpaulforums.com/showthread.php?466439-ISIS-Supporters-Hack-US-CentCom-s-Twitter-YouTube-Account-Threaten-US-Soldiers-Release-quot-Chi

Suzanimal
01-12-2015, 02:43 PM
http://www.ronpaulforums.com/showthread.php?466439-ISIS-Supporters-Hack-US-CentCom-s-Twitter-YouTube-Account-Threaten-US-Soldiers-Release-quot-Chi

Oops.:o

ZENemy
01-12-2015, 02:48 PM
*yawwn*

69360
01-12-2015, 05:18 PM
So somebody nominally associated with IS guessed our military PR guys password.

Obviously we have to nuke IS now.

ZENemy
01-12-2015, 05:30 PM
Im still getting over the fact that such a useless entity has an even more useless twitter account.

Unknownuser
01-12-2015, 07:31 PM
"The hack took place as President Obama prepared for speech on the issue of cybersecurity."

Of course it did.

thoughtomator
01-13-2015, 12:09 AM
Seeing multiple sources claim that the hack originated in Maryland (home of the NSA) and that all the information released was already in the public domain. This was a stunt, and wasn't done by any genuine Islamic terror group.

GunnyFreedom
01-13-2015, 12:16 AM
The sad and absurd part of this is how the warhawk right was going on and on on facebook about US CENTCOM getting hacked. US CENTCOM did not get hacked their freaking TWITTER account did. There is a H U G E difference. No DOD equipment or networks were even TOUCHED much less hacked. I got unfriended by a dozen idiots just for pointing this out, that all this probably was was a public affairs lieutenant for US CENTCOM set a Twitter password that was far too simple, and it got broken by a brute force hack. Happens every day to people all over the world. The tools to do such a thing are free and freely available. I would barely call this a 'hack.' Now the warhawk right is acting like the hackers got into DOD sensitive networks. :rolleyes:

Weston White
01-13-2015, 12:47 AM
The hackers posted a series of menacing tweets with messages like “AMERICAN SOLDIERS, WE ARE COMING, WATCH YOUR BACK” and “You’ll see no mercy infidels. ISIS is already here, we are in your PCs, in each military base. With Allah’s permission we are in CENTCOM now. We won’t stop! We know everything about your wives and children. U.S. Soldiers! We’re watching you!”

Well considering that ISIS (i.e., the Egyptian goddess Isis or Aset--as in 'asset'--the mother of Horus, personifying the "throne", as the patroness of magic and nature, care provider to the downtrodden, those wealthy, and aristocrats alike, and is the goddess of health, marriage, and wisdom) is just a rebranding of Al Qaeda (A la-CIA-duh) that goal should not be too difficult to accomplish being that United States coalition forces are already working together with Al Qaeda and guarding their $500 billion opium industry.

osan
01-13-2015, 08:34 AM
What can one say about such things? There is little to zero potential for anyone being able to confirm or deny who this person or people are.

I could mount a hack single-handedly and later call in claiming to represent the Order Of The Raging Dong and that we are 12,000 members strong, have huge penises, etc., and who would be able to prove the statement one way or the other if the acts and claims were done with high competence?

The subterfuge is so thick anymore, it is a wonder that we can trust the sun has in fact risen this morning.

moostraks
01-13-2015, 08:57 AM
What can one say about such things? There is little to zero potential for anyone being able to confirm or deny who this person or people are.

I could mount a hack single-handedly and later call in claiming to represent the Order Of The Raging Dong and that we are 12,000 members strong, have huge penises, etc., and who would be able to prove the statement one way or the other if the acts and claims were done with high competence?

The subterfuge is so thick anymore, it is a wonder that we can trust the sun has in fact risen this morning.

Indeed! Well said...I found myself rolling my eyes over this when I read it. Yet, as gunny put forth, the FOX newsians are thinking it is some reason for responding with force ('cause violence seems to be the far right response to any offense in their "Christian" view of the world).

acptulsa
01-13-2015, 09:28 AM
The sad and absurd part of this is how the warhawk right was going on and on on facebook about US CENTCOM getting hacked. US CENTCOM did not get hacked their freaking TWITTER account did. There is a H U G E difference. No DOD equipment or networks were even TOUCHED much less hacked. I got unfriended by a dozen idiots just for pointing this out, that all this probably was was a public affairs lieutenant for US CENTCOM set a Twitter password that was far too simple, and it got broken by a brute force hack. Happens every day to people all over the world. The tools to do such a thing are free and freely available. I would barely call this a 'hack.' Now the warhawk right is acting like the hackers got into DOD sensitive networks. :rolleyes:

And these are the exact same people who, if asked if they themselves have a twitter account, will deny it to their dying breath with sneering and cursing and considerable umbrage taken that anyone could think them capable of engaging in an activity so meaningless and frivolous.

I think the proper response is, 'Afraid they'll hack your twitter account next?'

specsaregood
01-13-2015, 09:56 AM
all this probably was was a public affairs lieutenant for US CENTCOM set a Twitter password that was far too simple, and it got broken by a brute force hack. Happens every day to people all over the world.

It is possible but would be somewhat time consuming to brute force it. I just tested it, seems to be about 10-15 attempts before it locks you out for an hour. So you'd only get between 240-360 attempts per 24hr period. And I would be surprised if they didn't have a permanent auto-lockout after too many temporary lockouts. I doubt it was straight up brute forced using a dictionary attack.

https://support.twitter.com/articles/63510-i-m-locked-out-after-too-many-login-attempts


I'm locked out after too many login attempts

What does it mean to be locked out?
◦After a limited number of failed attempts to sign in to Twitter, you will be temporarily locked out from trying to sign in. When your account is locked, you will not be able to sign in — even with the correct password.
◦ This lock lasts about an hour and will then clear on its own.

I didn't trigger the lock. Was my account compromised?
◦If user's account appears to be hacked or phished, we may proactively reset the passwords for the affected accounts to revoke access to the hacker. In these cases, we send an email to the account's real owner (you) with additional information on how to reset the password. If you got one of these emails, please follow the instructions in the email.

GunnyFreedom
01-13-2015, 10:44 AM
It is possible but would be somewhat time consuming to brute force it. I just tested it, seems to be about 10-15 attempts before it locks you out for an hour. So you'd only get between 240-360 attempts per 24hr period. And I would be surprised if they didn't have a permanent auto-lockout after too many temporary lockouts. I doubt it was straight up brute forced using a dictionary attack.

https://support.twitter.com/articles/63510-i-m-locked-out-after-too-many-login-attempts
Yeah, someone else mentioned phishing. I think it may have been another thread? Seems more likely.