Ontario city the latest to temporarily lose control of its X account

Share post:

An Ontario municipality has become the latest to lose temporary access to its X account.

Peterborough, Ont., a city of 83,600 about 125km northeast of Toronto, says someone took over and renamed its X/Twitter account on Sunday and held control for about 24 hours.

Re-named [at]JupiterExchange, the new controller then began tweeting links to a cryptocurrency scam until this morning, when the city was able to regain access.

Brendan Wedley, the city’s director of strategic communications and service, told IT World Canada that the municipality is looking into how the account was hacked. Three to five people had password access, he said.

The attacker only used their X access to play with the account. The has been no suspicious activity detected on the city’s IT network, Wedley said.  Nor, he added, has there been any suspicious activity on the city email accounts of staff who had access to the X account.

In a press release, the city also stressed that no personal information was shared by the municipality on its X social media account.

The incident is once of several recent takeovers of X accounts, many of which were then used for cryptocurrency scams. It isn’t clear if this is one gang’s tactic or there are several copycats.

One of the most embarrassing of the attacks hit cybersecurity company Mandiant over a week ago. The Google-owned division admitted that usually employees have to enable two-factor authentication on any account they have, “but due to some team transitions and a change in X’s 2FA policy, we were not adequately protected. We’ve made changes to our process to ensure this doesn’t happen again.”

The threat actor who took control of the Mandiant account used it to post links to a cryptocurrency drainer phishing page. Drainers are malicious scripts and smart contracts that actors can leverage to siphon funds and/or digital assets, such as non-fungible tokens, from victims’ cryptocurrency wallets after they are tricked into approving transactions.

In arguably the second most embarrassing takeover, the U.S. Securities and Exchange Commission (SEC) was taken over last week, with the hacker tweeting the regulator had approved the listing of bitcoin exchange-traded funds (ETFs) on U.S. security exchanges. That wasn’t true at the time — but a few days later the SEC did okay ETFs. X said it wasn’t at fault for the hack. 

Among the other recent victims was a Canadian Senator.

In 2020, a gang used social engineering attacks to take control over and sell access to the Twitter accounts of celebrities and well-known people. One of those who bought control of a stolen account, Joseph James O’Connor — a hacker himself — was sentenced last year to five years in prison.

The recent X hacking incidents are a warning to companies and governments at all levels that an individual or individuals are hunting for poorly secured social media accounts where they can spread links to scams. The focus on X may only be temporary. Use of phishing-resistant multifactor authentication to protect all social media accounts of any organization or prominent individual is imperative.

The post Ontario city the latest to temporarily lose control of its X account first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Russian State-Backed Cyber Attack Exploits Zero-Day Vulnerabilities in Windows and Firefox

Headline: A sophisticated cyberattack leveraging two chained zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows has been confirmed by...

Starbucks Forced to Pay Baristas Manually After Ransomware Attack

A ransomware attack on Blue Yonder, a third-party scheduling software provider, has disrupted Starbucks’ ability to manage employee...

Google Launches Free Cybersecurity Certificate for Entry-Level Jobs

Google has introduced a new Cybersecurity Professional Certificate, aimed at preparing students for entry-level roles in just six...

Critical Vulnerability Leaves Millions Of Sites Vulnerable To Takeover

A severe authentication bypass vulnerability has been discovered in the WordPress plugin "Really Simple Security" (formerly *Really Simple...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways