Phishing Attacks Preceded Hack Of AP Twitter Accounts
The Dow Jones Industrial Average on Tuesday put the lie to the notion that tweets are just a frivolous distraction for the bored and wired. The major U.S. stock index swooned 145 points Tuesday afternoon after a message sent from the official Twitter account of The Associated Press falsely reported that explosions had been reported at The White House and that U.S. President Barack Obama was injured.
The Associated Press reported Tuesday that both its main Twitter account @AP and its main mobile account @AP_Mobile were compromised, following what was described as a “phishing attempts on AP’s corporate network,” the news service reported. The AP confirmed that the affected Twitter accounts were suspended following a hack. The service said it was working to correct the issue.
The fake tweet went out shortly after 1 p.m. and read “Breaking: Two Explosions in the White House and Barack Obama is injured.” Stock markets reacted almost immediately, with The Dow Jones Industrial Average, an index of the 30 largest U.S. industrial corporations, dropping from 14,699 to 14,555, 144 points, or about one percent, on the false report.
AP spokesman Paul Colford said the news cooperative is working with Twitter to investigate the issue. The AP has disabled its other Twitter accounts following the attack and AP reporters were asked to use their personal accounts to spread news of the compromise and ask their followers not to “respond to news” posted from the @AP and @AP_Mobile accounts until they were suspended. Many AP staff appeared to take that request to heart, forwarding links to news service reports about the fake tweets.
Twitter accounts are a common target for malicious hackers, spammers and activists who want to spread malicious links or other incendiary material quickly, taking advantage of the broad reach of prominent Twitter users. However, few accounts have the weight of AP’s which is accepted as an official organ of the global syndicated news network.
The exact source of the compromise isn’t known. While AP acknowledged phishing attacks prior to the account takeover, it is not known whether the two events are linked. AP reported that Twitter has not responded to a request for comment.Posted on: April 23, 2013ledgeditor