Hacker group OurMine has claimed another victim this morning in the form of Marvel's Twitter accounts.
Around noon EST, Marvel's Twitter accounts for Marvel Music, Captain America, Iron Man, Black Panther, along with their main account were all taken over by the group. All of these accounts posted the same message, “Hey, it's OurMine, Don't worry we are just testing your security, contact us to help you with your security [email protected]”
OurMine is not new to Twitter hacks. This three-person team made their presence known in June when they hacked Mark Zuckerberg and Uber's CEO Travis Kalanick in June. They posted the same type of message as they did with Marvel's account remarking that the account's security wasn't strong enough and that the owner of the account could go to the group's website to become more secure.
OurMine spoke to Buzzfeed around this time, explaining that they got access to the accounts through apps that the owners have connected to their Twitter account. “OurMine told BuzzFeed News that the apps it hacked to gain access to Twitter accounts ranged from the question-and-answer site Quora, to the URL shortener Bitly, to the social media manager Sprout Social.” It was in this article that Buzzfeed also revealed the identity of one of the members of this group.
The very next day after releasing that article, Buzzfeed found itself hacked as well. The original news story was replaced with “Hacked by OurMine team, don't share fake news about us again, we have your database. Next time it will be public. Don't fuck with OurMine again.”
— BuzzFeed News (@BuzzFeedNews) October 5, 2016
OurMine has continued to deny that the member exposed in the Buzzfeed article is actually a member, claiming that he's just a fan of the group. Buzzfeed was able to get the original articles back and are still accessible on their site to this day.
More recently, OurMine hacked Netflix's Twitter account as well with the same message that was posted to all of Marvel's. Netflix and Marvel have regained access to all of their accounts since the original attack.