Phone : +91 9582 90 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Ministry of Jal Shakti’s Twitter account hacked for the second time this month

Ministry of Jal Shakti’s Twitter account hacked for the second time this month

Ministry of Jal Shakti’s Twitter account hacked for the second time this month

 

 Ministry of Jal Shakti Twitter account hacked [Source: Satnam Narang, Tenable]
Ministry of Jal Shakti Twitter account hacked [Source: Satnam Narang, Tenable]

On 28 December, the official Twitter account of the ministry of Jal Shakti (@MoJSDoWRRDGR) was hacked by crypto scammers for the second time this month. Following the account hijack, the hackers promoted cryptocurrency giveaways – Bitcoin and Ethereum – through a series of tweets by pretending to be Elon Musk.

In his tweet, Satnam Narang, senior research engineer at Tenable says that links shared by the hackers on their tweets led to a “standard cryptocurrency scam page” which mimicked the popular open source content platform Medium.

The perpetrators even interacted with notable cryptocurrency influencers and crypto-related news outlets such as CoinDesk.

Ministry of Jal Shakti: 2 hacks in 1 month

The incident marks the second instance of Jal Shakti ministry’s Twitter account getting hacked. On 1 December, the ministry’s Twitter account was briefly compromised, although 80 tweets related to fraudulent cryptocurrency-related offers were posted during the takeover.

In the last incident, the ministry confirmed that its official Twitter account was indeed hacked, however, a statement confirming yesterday’s hack is yet to be issued.

In January this year, the official Twitter account of the Union Ministry of Information and Broadcasting was compromised.

How hackers are running cryptocurrency scams

 Hackers trying to carry out cryptocurrency scam [Source: Satnam Narang, Tenable]
Hackers trying to carry out cryptocurrency scam [Source: Satnam Narang, Tenable]

Narang tells us that the hackers were most likely gunning for “advanced fee fraud” or a “trust trading scam”. The way it works, he explains, is that users are first asked to send anything between 0.5 to 10 Bitcoin or 0.5 to 300 Ethereum in order to double their earnings in cryptocurrency.

He warns that if a user is being asked to send money up-front or an advanced fee to participate or win a giveaway, there is a 99.9% chance they are being scammed.

“Users never receive anything back, and because cryptocurrencies are decentralized, users have no recourse of recovering their lost cryptocurrency,” Narang says.

“One of the first instances of a gray-verified badge hack”

Narang says that since Elon Musk took over Twitter, some changes have been made with respect to verified accounts, thus making it harder for cyber attackers to pivot a verified profile to impersonate businesses like Tesla or Twitter.

“However, this is one of the first instances we’ve seen within the new verification system that a gray verified badge – which is associated with government agencies – was hacked and used to promote a fake cryptocurrency giveaway,” he says.

In addition to hacking a verified government account, Narang says that the hackers elevated the “reach” of the scams by retweeting and liking the post from several bot accounts.

Twitter battles data security concerns

 Hackers compromised 400M Twitter accounts [Source: Alon Gal, Hudson Rock]
Hackers compromised 400M Twitter accounts [Source: Alon Gal, Hudson Rock]

Following Elon Musk’s takeover of Twitter on 28 October, Larry the Bird – name of the blue bird in the logo – has hit a rough patch when it comes to data security.

On 26 December, a hacker who goes by the name Ryushi claimed to have hacked the personal data of over 400 million Twitter users including verified accounts of prominent individuals such as Sundar Pichai, Steve Wozniak, Salman Khan, Piers Morgan, and Donald Trump Junior – to name a few.

Alon Gal, co-founder and CTO of Israeli cybersecurity firm Hudson Rock, in a series of tweets, explains that due to the revealing of email addresses, hackers were able to find compromised passwords from previous data breaches and access user accounts not equipped with 2-factor authentication or 2FA.

 Compromised Twitter accounts [Source: Alon Gal, Hudson Rock]

Compromised Twitter accounts [Source: Alon Gal, Hudson Rock] Another possibility is that the hacker(s) could have targeted the email supplier and with the help of the compromised email and social-engineered his way to access the email account. If the user has not enabled multi-factor authentication (MFA), the hacker can easily reset the Twitter account password and hijack the account.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 9582 90 7788 | Support Number : +91-9654016484
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket