Ontario city the latest to temporarily lose control of its X account

Share post:

An Ontario municipality has become the latest to lose temporary access to its X account.

Peterborough, Ont., a city of 83,600 about 125km northeast of Toronto, says someone took over and renamed its X/Twitter account on Sunday and held control for about 24 hours.

Re-named [at]JupiterExchange, the new controller then began tweeting links to a cryptocurrency scam until this morning, when the city was able to regain access.

Brendan Wedley, the city’s director of strategic communications and service, told IT World Canada that the municipality is looking into how the account was hacked. Three to five people had password access, he said.

The attacker only used their X access to play with the account. The has been no suspicious activity detected on the city’s IT network, Wedley said.  Nor, he added, has there been any suspicious activity on the city email accounts of staff who had access to the X account.

In a press release, the city also stressed that no personal information was shared by the municipality on its X social media account.

The incident is once of several recent takeovers of X accounts, many of which were then used for cryptocurrency scams. It isn’t clear if this is one gang’s tactic or there are several copycats.

One of the most embarrassing of the attacks hit cybersecurity company Mandiant over a week ago. The Google-owned division admitted that usually employees have to enable two-factor authentication on any account they have, “but due to some team transitions and a change in X’s 2FA policy, we were not adequately protected. We’ve made changes to our process to ensure this doesn’t happen again.”

The threat actor who took control of the Mandiant account used it to post links to a cryptocurrency drainer phishing page. Drainers are malicious scripts and smart contracts that actors can leverage to siphon funds and/or digital assets, such as non-fungible tokens, from victims’ cryptocurrency wallets after they are tricked into approving transactions.

In arguably the second most embarrassing takeover, the U.S. Securities and Exchange Commission (SEC) was taken over last week, with the hacker tweeting the regulator had approved the listing of bitcoin exchange-traded funds (ETFs) on U.S. security exchanges. That wasn’t true at the time — but a few days later the SEC did okay ETFs. X said it wasn’t at fault for the hack. 

Among the other recent victims was a Canadian Senator.

In 2020, a gang used social engineering attacks to take control over and sell access to the Twitter accounts of celebrities and well-known people. One of those who bought control of a stolen account, Joseph James O’Connor — a hacker himself — was sentenced last year to five years in prison.

The recent X hacking incidents are a warning to companies and governments at all levels that an individual or individuals are hunting for poorly secured social media accounts where they can spread links to scams. The focus on X may only be temporary. Use of phishing-resistant multifactor authentication to protect all social media accounts of any organization or prominent individual is imperative.

The post Ontario city the latest to temporarily lose control of its X account first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

FBI rapidly hacks into Trump shooter’s phone, raises privacy concerns

Just two days after the attempted assassination at a Trump rally, the FBI announced it had gained access...

Disney investigating a potential major leak of internal communications

Disney is investigating a significant data breach by the hacking group Nullbulge, which claims to have accessed and...

Kaspersky to shut down its US business due to sanctions

Russian cybersecurity firm Kaspersky Lab announced it will cease its U.S. operations starting July 20, following sanctions from...

Google’s Gemini AI caught scanning private Google Drive documents without permission

Google's Gemini AI has come under fire for scanning private PDF documents in Google Drive without user consent....

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways