
How an Eastern European gang hacked Twitter and Facebook

Despite early speculation that China was behind recent hacks of Twitter, Facebook and Apple accounts, the culprit is actually a hacker gang based in Eastern Europe.


Kris Holt


Posted on Feb 21, 2013   Updated on Jun 1, 2021, 11:58 pm CDT

Hacks on the systems of Apple, Facebook, and Twitter may have all been carried out by the same gang.

Several computers within those companies’ networks were compromised, with hackers potentially grabbing as many as 250,000 Twitter users’ personal data. No Apple or Facebook user data was compromised, according to the firms.

According to reports, an Eastern European group is behind the attacks. Sources cited by Bloomberg claimed the hackers were looking for insider company information, such as research and intellectual property, to be sold on the black market.

The recent attacks appear to have been “waterhole” attacks. Hackers gain access to and place viruses on sites they think high-value targets will visit, much like a predator waiting for targets to stop and drink at waterholes.

The hackers don’t know who the victims will actually be, but once their viruses make their way inside the prey’s computers, they can follow the victims back to their company networks and take a look inside.

One such site that was compromised was iPhone Dev SDK, a forum for iOS app developers, on which hackers had placed malware that gained access to victims’ computers through a browser flaw.

The news that the attack emanated from Eastern Europe runs contrary to early reports that Chinese hackers were to blame, which were based on the timing of the attacks—just weeks after the New York Times announced it had been targeted by Chinese hackers—and the sophistication of the hack itself.

A recent report from U.S. cybersecurity consultant Mandiant traced several attacks on American companies to a single Chinese military building, implying China is running a state-sponsored hacking operation.

On Wednesday, China’s Department of Defense denied that the country’s government authorized cyberattacks against the U.S.

Photo by Fristle/Flickr

*First Published: Feb 21, 2013, 1:29 pm CST