OurMine temporarily took over TechCrunch after breaking into a writer’s account
Another good reminder to change your password.
The temporary invasion into TechCrunch’s content management system (CMS) took place early Tuesday morning and allowed OurMine to publish a post with the headline “OurMine Team — Important Message!” that appeared on the front page of the site and disrupted the publication’s operations.
The post itself is no longer available, but a cached version of the page is still available. The body of the article created by OurMine read: “Hello guys it’s OurMine Team, we are just testing TechCrunch Security , don’t worry we never change your passwords.”
OurMine was also able to share the post via TechCrunch’s Twitter account and managed to hijack the banner atop the TechCrunch home page, where they placed a message similar to the post.
As is standard operating procedure for OurMine, the group requested TechCrunch contact them to retrieve the compromised account and shared a link to their contact page.
A member of OurMine told the Daily Dot they were able to compromise the account of TechCrunch writer Devin Coldewey by using a “brute force tool” the team created, though they declined to provide any additional details about the tool.
OurMine considered the break-in a simple test of TechCrunch’s security methods. According to an OurMine member, the group told TechCrunch to enable two-factor authentication on all of the site’s accounts to prevent any additional breaches.
Others have suggested a different means of entry; namely, the group found a password belonging to Coldewey and managed to log in as the writer through TechCrunch’s CMS.
OurMine rejected that notion when asked, but questions have been raised in the past about whether the group has truly “hacked” its way into accounts or has used login credentials found in databases from other sites that have spilled online in recent months.
While Business Insider reported OurMine has been around since 2014, the group grew to prominence this year after taking over several high-profile social media accounts belonging to celebrities and executives at tech companies.
The group has claimed responsibility for taking over the dormant Twitter account of Facebook founder and CEO Mark Zuckerberg, as well as Amazon CTO Werner Vogels, Spotify CEO Daniel Ek, Uber CEO Travis Kalanick, actor William Shatner, and many others.
That increase in awareness came shortly after a number of databases appeared online containing millions of account credentials belonging to users of popular social networking services like LinkedIn, MySpace, and Tumblr.
Many of those usernames and passwords have been hosted online by a service called LeakedSource. Functioning primarily as a way to allow people to search to see if their account was compromised in any of the stolen databases, LeakedSource also offers a paid service that gives nearly unlimited access to the usernames and passwords housed in the leaks.
For a small fee, users are able to search any email address or account name and see the passwords associated with the login. LeakedSource told the Daily Dot it has since updated its protections to only show part of the password, but will reveal the password in full if a person enters it correctly.
A Twitter user named Lid admitted to using LeakedSource to take over the Twitter account of Oculus CEO Brendan Iribe earlier this month. He told the Daily Dot that he was once associated with the OurMine collective and claimed the group simply took passwords from LeakedSource.
Since many people reuse passwords and don’t change their passwords regularly, Lid claimed OurMine is able to find other accounts belonging to a user that have the same password.
The claim from Lid may explain why OurMine’s hacks often aren’t direct access to a person’s social media presence but rather come through an ancillary account that is linked to a person’s Twitter. Such was the case for Google CEO Sundar Pichai, who had his Quora account taken over. Because it was linked to his Twitter account, posts made on his Quora account appeared in his Twitter feed.
OurMine denied any association with Lid and claimed to have never used LeakedSource—a claim they maintain in regards to the TechCrunch situation. It is worth noting that an email address associated with Coldewey is present in one of the online databases that houses login and password information.
TechCrunch has not commented publicly on the incident. The Daily Dot contacted Coldewey for comment but didn’t receive a response at the time of publication.
AJ Dellinger is a seasoned technology writer whose work has appeared in Digital Trends, International Business Times, and Newsweek. In 2018, he joined Gizmodo as the nights and weekend editor.