Gizmodo Twitter account hacked ... thanks to Apple

How do hackers get information about a person's online user name and password, even if both are well protected by the account owner? In the past, we have seen reports that hackers make use of phishing scams to retrieve information about Xbox Live accounts.

This weekend, it appears that a clever hacker managed to gain access to the Twitter account of the tech website Gizmodo through, of all places, an Apple tech support member. AllThingsD.com reports that the hacker or group took control of the Twitter account, which has almost 500,000 followers, for 15 minutes on Friday and used it to post a variety of offensive and racist messages.

So what happened? The hackers got control via the Twitter account of a former Gizmodo staff member, Mat Honan. Venture Beat reports that Honan first thought the hackers got a hold of his information via a brute force method. However, he later got in contact with the unnamed hacker, along with someone at Apple. He states, "They got in via Apple tech support and some clever social engineering that let them bypass security questions." Honan originally made these statements on his Tumblr page.

The hacker used the information given by the Apple Care support team member for more than just breaking into Honan's Twitter account. The unknown culprit also remotely deleted all of Honan's data from his various Apple products, including his iPhone, iPad and Mac. Honan's Gmail account was also accessed and deleted.

The story points out that he might not have had his account hacked if he had turned on support for authenticating his account with two factors, instead of just one. However, we imagine that Apple Care team member doesn't feel too good about being fooled into revealing private account information.

Source: Venture Beat

Report a problem with article
Previous Story

Study: Windows Phone sales jump 277 percent in Q2 2012

Next Story

Painkiller: Hell and Damnation enters closed beta

28 Comments

View more comments

humanz. said,
Apple are cyber terrorists now?

Reminds me of that one episode in Cowboy Bebop when Spike Spiegel ordered that artificial lobster at that restaurant and then an extremist animal rights activist group shows up, that's Apple in the future


Seriously one of the best animes ever...

humanz. said,
Apple are cyber terrorists now?

Reminds me of that one episode in Cowboy Bebop when Spike Spiegel ordered that artificial lobster at that restaurant and then an extremist animal rights activist group shows up, that's Apple in the future

Apple security is one big single point of failure. This is only news because its a high profile person, anyone else loosing data is dismissed. Beware.

drazgoosh said,
These hackers are getting trickier and trickier

Not really, it's the people that are getting more stupid by the day.

I'm confused how was the twitter account hacked because of Apple? Unless the author was using iCloud for his e-mail I don't see how the hacker got access to his gMail or Twitter via Apple. Perhaps I'm missing something.

Edrick Smith said,
I'm confused how was the twitter account hacked because of Apple? Unless the author was using iCloud for his e-mail I don't see how the hacker got access to his gMail or Twitter via Apple. Perhaps I'm missing something.

icloud was backup email to gmail, then all went wrong from there

Social engineering 101. You can have the best security there is, but all it takes is one smooth talking guy and a terrible security policy.

wetworker said,
Title should be. Mac centric tech blog gets Twitter account hacked ...Thanks to Apple.

Exaclty.... looks how Neowin uses Skydrive logo in that article from the former Apple employee.

Ricardo Dawkins said,

Exaclty.... looks how Neowin uses Skydrive logo in that article from the former Apple employee.
Just look at the news author.

Neowin's use of sensationalist headlines lately has led me to think less of Neowin's articles.
Neowin has always had a very nice presentation of their articles previously, but the lately the quality has dropped significantly.

bidz said,
Neowin's use of sensationalist headlines lately has led me to think less of Neowin's articles.
Neowin has always had a very nice presentation of their articles previously, but the lately the quality has dropped significantly.

We know, we onow. Everyone is a mean Apple hater. Apple is perfection, and all these people are just attacking them for no good reason. *Sniff* LEAVE APPLE ALONE!!! Now stomp your feet, repeat one of your usual comments about Samsung or Nokia (yes, I looked over your post history, quite a few hateful posts you have made) and throw the usual temper tantrum.

nohone said,

We know, we onow. Everyone is a mean Apple hater. Apple is perfection, and all these people are just attacking them for no good reason. *Sniff* LEAVE APPLE ALONE!!! Now stomp your feet, repeat one of your usual comments about Samsung or Nokia (yes, I looked over your post history, quite a few hateful posts you have made) and throw the usual temper tantrum.

Lol...I couldnt help but picture the "leave britney alone" video.

nohone said,

We know, we onow. Everyone is a mean Apple hater. Apple is perfection, and all these people are just attacking them for no good reason. *Sniff* LEAVE APPLE ALONE!!! Now stomp your feet, repeat one of your usual comments about Samsung or Nokia (yes, I looked over your post history, quite a few hateful posts you have made) and throw the usual temper tantrum.

No, that's not what people are saying at all; but thanks for playing. It's not just about Apple/Microsoft but any headline Neowin has used in the last year to try and desperately grab some more viewers, for reference here is a less bias news tidbit:

http://apple.slashdot.org/stor...ontent=Google+International

It's well written, it's concise, it states the facts (which are still completely unclear after reading this article--a tech site that provides no technical detail, cool) and it's accurate. Everything this article is not.

I don't really care for Microsoft or Apple but I at least clicked this article wanting to know how it actually happened...

nohone said,

We know, we onow. Everyone is a mean Apple hater. Apple is perfection, and all these people are just attacking them for no good reason. *Sniff* LEAVE APPLE ALONE!!! Now stomp your feet, repeat one of your usual comments about Samsung or Nokia (yes, I looked over your post history, quite a few hateful posts you have made) and throw the usual temper tantrum.

Umm yeah. Did I ever mention Apple or Microsoft or Android?
No, I just stated the fact that Neowin's quality has dropped over the last year or so. Especially articles from one specific reporter tends to use overly dramatized headlines which you usually see in the sensationalist newspapers that live on that kind of stuff.

You however swallowed an unintentional bait... Learn to read the text and facts rather than what the headlines tell you.

Was actually thanks to google, that was the launch platform it seems from reading his account of what happened.

Gizmodo's twitter account was hacked because one of the staff there had his own account tied to it.. Not very wise, imho..

Please stop with the sensational fud. Edwin reporting just isn't unprofessional, its **** as well. Techspot is just as bad. Difficult to find a tech site that isn't biased in one way or another.

Read the article, Apple is as much to blame as Amazon and Google in this. The "hackers" would never have been able to do all that damage without the security failure of Amazon and Google.

It is sad to see something like this happen, but I think this is the type of wake-up call that they needed to kick the complacent attitude about authentication and passwords. There continues to remain the need for more preventative measures to be put in place. For example many of the leading online storage providers are giving users the perfect balance between security and user experience by implementing 2FA which allows us to telesign into our accounts. I know some will claim that the verification process makes things more complicated, but the slight inconvenience each time you log in is worth the confidence of knowing your info is secure. I'm hoping that more providers start to offer this awesome functionality. This should be a prerequisite to any system that wants to promote itself as being secure.

Commenting is disabled on this article.