OneMine group strikes back!(pun intended) And this time they’ve got their hands on Google CEO Sundar Pichai’s Quora account. And to refresh your memory, this is the same hacker group that took over and vandalized Mark Zuckerberg’s lesser-known social accounts. (Scroll to the end for Quora’s official statement)
OneMine, a three man group first came into the limelight when they hacked the Twitter, Pinterest and reportedly the Instagram of the Facebook CEO and founder Mark Zuckerberg. They then went ahead to claim their mark on the accounts and vandalized them. They also sent racist and violent tweets to other user in the process.
And now we’re hearing that they had taken over Pichai’s Quora account and posted several question and answers via his account. And since the Google CEO has his Quora account linked with his Twitter, so the answers were being exhibited to the masses via his feed.
The tweets and answers have since then been removed.
OneMine’s Justification
The hacker group says that they never intended to vandalize the accounts, they are just testing the public security(sic). In a mail to The Next Web, the group also added that,
we never change their passwords, we did it because there is other hackers can hack them and change everything.
And also, the hacker group is now aiming to re-brand itself as a “cyber-security firm” and is offering its support to the targets whose accounts they have recently hacked.
Last month, OneMine had used the leaked LinkedIn database dump to get access to Zuckerberg’s social media accounts and vandalize them. But, they have now disclosed that they didn’t use any sort of data dump to gain access to Pichai’s Quora account.
They broke into Pichai’s account by exploiting a vulnerability in Quora’s own platform – one that it claims to have reported to the company but with no response. So, they probably hacked into his account to make Quora focus on the vulnerability and take an action to patch it up. But, OneMine isn’t gaining any fans by hacking into celebrities accounts.
OneMine also aren’t shying away from publicizing about their practice of hacking popular social media accounts to bring forth the shortcomings of Internet-based tech companies. You can check-out their trophy-case on their blog right here.
UPDATE(Quora’s Statement) :
Quora has released a statement denying the fact that OneMine exploited any vulnerability in their system and said that,
We are confident that Sundar Pichai’s account was not accessed via a vulnerability in Quora’s systems. This is consistent with past reports where OurMine exploited previous password leaks on other services to gain access to accounts on Twitter or Facebook. We also have no record of a report by OurMine pointing to a vulnerability.
And like every other breached website, they have also urged users to reset their account passwords, and use two-factor authentication for improved security.