Frame-14

Privacy Ninja

        • DATA PROTECTION

        • Email Spoofing Prevention
        • Check if your organization email is vulnerable to hackers and put a stop to it. Receive your free test today!
        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • AntiHACK Phone
        • Boost your smartphone’s security with enterprise-level encryption, designed by digital forensics and counterintelligence experts, guaranteeing absolute privacy for you and up to 31 others, plus a guest user, through exclusive access.

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$3,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Secure your digital frontiers with our API penetration testing service, meticulously designed to identify and fortify vulnerabilities, ensuring robust protection against cyber threats.

        • Network Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Mobile Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Web Penetration Testing
        • Fortify your web presence with our specialized web penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats.

        • RAPID DIGITALISATION

        • OTHERS

Two Charged For Hacking NBA, NFL Players’ Social Media Accounts

Two Charged For Hacking NBA, NFL Players’ Social Media Accounts

The US Department of Justice charged two men for their involvement in the fraudulent takeover of email and social media accounts owned by multiple National Football League (NFL) and the National Basketball Association (NBA) athletes.

Between December 2017 and April 2019, Trevontae Washington from Louisiana and Ronnie Magrehbi from Florida allegedly compromised and took over Facebook, Twitter, Instagram, and Snapchat social media accounts of several professional and semi-professional football and basketball players employed by the NFL and the NBA.

The two men were charged with one count of conspiracy to commit wire fraud (maximum 20 years in prison and a fine of up to $250,000) and one count of conspiracy to commit computer fraud and abuse (maximum five years in prison and a fine of up to $250,000).

Compromised accounts used for extortion

While Washington only sold access to the compromised accounts to others to further exploit them for various amounts ranging from $500 to $1,000, Magrehbi also extorted the NFL player whose Facebook, Twitter, Instagram, and Snapchat accounts he managed to take over.

“Magrehbi extorted the player, demanding payment in return for restoring access to the accounts,” a DoJ press release published today explains.

“The player sent funds on at least one occasion, portions of which were transferred to a personal bank account controlled by Magrehbi, but never regained access to his online accounts.”

Washington and Magrehbi used the same tactic to gain access to the NFL and NBA players’ accounts: they contacted them via Instagram direct message with a “clickable link to a Facebook site that purported to solicit community support from professional athletes” according to the two criminal complaints [12].

Once the victims clicked the link on their personal smartphones, they were brought to what seemed like a Facebook login page.

After entering their credentials to login on the social media platform, they were locked out of multiple social media accounts including Facebook, Twitter, Instagram, and Snapchat.

Also Read: PDPA Breach Penalty Singapore: How Can Businesses Prevent

NFL teams’ social accounts hijacked earlier this year

Social media accounts of NFL teams and of the league itself have also been targeted earlier this year by the OurMine hacking crew who successfully managed to take them over briefly in January 2020 after two years of inactivity.

As BleepingComputer reported at the time, OurMine targeted and hijacked the Twitter, Facebook, and/or Instagram accounts of the NFL and the following 15 NFL teams with a combined number of tens of millions of followers: Dallas Cowboys, Buffalo Bills, Houston Texans, Minnesota Vikings, Chicago Bears, Kansas City Chiefs, Green Bay Packers, Arizona Cardinals, Cleveland Browns, Denver Broncos, Indianapolis Colts, New York Giants, Philadelphia Eagles, San Francisco 49ers, and Tampa Bay Buccaneers.

The hackers were able to take over these social media accounts in just over two hours and then moved to hijacking the accounts of other high-profile victims including but not limited to Enrique Hernández (second baseman for L.A. Dodgers), Matt Raub (director, producer, writer), and Eduardo Saverin (Facebook co-founder).

Also Read: 7 Simple Tips On How To Create A Good Business Card Data

Social media users can secure their accounts from takeover attempts by enabling two-factor authentication (2FA) and paying closer attention to suspicious login pages.

OurMine is known for taking over accounts of high-profile companies and tech execs without 2FA protection using leaked credentials as part of previous data breaches.

BBC, New York Times, Netflix, Sony Music Global, National Geographic, Sundar Pichai, Jack Dorsey, and many other companies and tech execs are among their victims since 2016 when they took over the social media accounts of Facebook founder Mark Zuckerberg‘s Twitter, LinkedIn and Pinterest accounts.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us