UK politician criticizes X (formerly Twitter) after account hijacked by crypto scam

Avatar

Zack Polanski, the deputy leader of the United Kingdom’s Green Party, has called on X (formerly Twitter) to “protect the site’s users more robustly and restore accounts more quickly” after his account was hijacked earlier this week.

Polanski’s account on the social media platform was obtained over the weekend by what appeared to be a cryptocurrency scam replacing the politician’s avatar and header image and posting links to an external site.

“It’s important people are able to engage with their elected representatives’ work through social media,” said Polanski in a statement shared by the Green Party’s press office, adding: “I’m keen that X tackle those who have hacked into my account and restore my access as soon as possible.”

Shortly after Polanski sent Recorded Future News his statement, the account was reinstated, although a Green Party spokesperson said that Polanski still did not have control of it. The commandeering of politicians’ accounts could pose an election integrity risk in the United Kingdom, which is expected to go to the polls later this year.

Polanski’s account takeover mirrors another last week in which a Canadian senator had their X account hijacked to spread a similar scam. The account of Google-owned cybersecurity firm Mandiant was also appropriated by someone sharing links to a cryptocurrency platform.

It is not yet clear how these accounts have been hijacked. Researchers say that dark web forums and marketplaces are increasingly selling access to hijacked X accounts that have been verified with specialized tags — such as the gray tick given to politician and government accounts.

Last month, two researchers discovered vulnerabilities in X they said would allow anyone to take over an account that were not addressed for weeks by the social media site’s team.

Chaofan Shou, a PhD student at the University of California, Berkeley, told Recorded Future News that the company never replied to his email about the issue.

Criticism of the company is growing regarding its ability to protect its users from account takeovers, as well as inauthentic content spamming their timelines, following Elon Musk’s purchase of the site and sacking of hundreds of security employees.

Recorded Future News’ email to X’s press office — which has similarly been denuded of staff — received an automated reply: “Busy now, please check back later.”

CybercrimeNewsPeopleLeadership
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.

 

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Turkish hackers targeting database servers with Mimic ransomware

Next Post

Toronto Zoo says it remains open after ransomware attack

Related Posts

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned subsidiary. "The repositories look
Omega Balla
Read More

Exit Scam: BlackCat Ransomware Group Vanishes After $22 Million Payout

The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner. "ALPHV/BlackCat did not get seized. They are exit scamming their affiliates," security researcher Fabian Wosar said. "It is blatantly obvious when you check the source code of the new takedown notice." "There
Avatar
Read More