OurMine hackers hit Twitter, Yahoo CEOs, but dubious claims remain

One of the group's hackers made bizarre and unverifiable claims about how they accessed accounts.
Written by Zack Whittaker, Contributor

Twitter accounts associated with Yahoo boss Marissa Mayer and Twitter co-founder Jack Dorsey were briefly taken over this weekend by a mysterious trio of hackers known as OurMine.

Dorsey, who earlier this year was reinstated as the company's chief executive, also had his linked Vine account attacked.



The accounts were breached early in the weekend, during a considerably active time on social media, which saw the shooting of five police officers in Dallas, Texas.

But questions remain over how much power and influence the group has, based on bizarre interactions with the group's members and what appear to be fake screenshots purporting to be "evidence" of the group's alleged hacking prowess.

The group has undoubtedly garnered recent attention for a string of high-profile takeovers.

The hackers have in recent weeks also claimed the social accounts of Facebook co-founder and chief executive Mark Zuckerberg last month, and more recently those of Google's Sundar Pichai and Uber founder Travis Kalanick.

All three executives are thought to have had their accounts breached by different means. In Zuckerberg's case, his username and password were found in the massive LinkedIn data breach, while Pichai's Quora account was reportedly taken over at the question-and-answer screen of the site's password reset prompt, rather than through a vulnerability in the site's platform, as the hackers claimed.

That same claim was echoed by the hackers in an email to ZDNet on Friday.

In a brief email exchange, one of the three members -- who declined to be named -- denied that the point of these high-profile attacks is publicity or to drive business, despite the group's own website, which more or less offers a service for scanning a website for vulnerabilities so they can be fixed.

"We are just trying to let everyone know that nobody is safe!" said the hacker.

The group confirmed that there were three members of the group, but said that they were "located in no place." In other words, they wouldn't say where they were from or located.

In a later email, which ignored my follow-up questions, the group shared a link to a blog post that they had published, which claimed that Vine "can see your passwords."

"We hacked Jack's Dropbox and we found all Vine files including picture of the control panel of Vine," said the blog post. "As you can see in the picture who have access to the panel can see private information about people and their passwords."

The group posted a screenshot of what purports to be the Vine "admin" panel.


An alleged screenshot of the Vine admin panel, which appears to be a fake. (Image: OurMine)

A Twitter spokesperson could not be reached on Sunday outside of business hours. But a detailed analysis of that screenshot shows it to be little more than a well-crafted fake -- based on data for one account that did not match up to other data which we were able to verify. The purported admin panel also does not appear to use HTTPS; in a tweet, Twitter trust and information security officer Michael Coates said Vine's admin site "is HTTPS," effectively debunking the validity of OurMine's screenshot.

He also said in that same tweet that Vine "never shows passwords in any form," again contradicting OurMine's claims.

What didn't help the hackers' case was that the screenshot also contained a number of spelling mistakes, an almost definitive indicator that the image isn't genuine.

The hacker group did not respond when asked about the faked image on Sunday.

If you can't trust a hacker, of all people -- who can you trust?
