Here we go again. On Monday, it was Burger King’s Twitter account hijacked with a McDonald’s logo. Today, on Tuesday, it’s Jeep getting hijacked with a Cadillac logo.
For a brief period of time, Jeep’s account had a McDonald’s background. This, as well as the fact that Jeep followed Burger King, suggests the same hackers are at it again (although it’s of course possible these are copycats):
Just like McDonald’s yesterday, Cadillac says it is not responsible for today’s hack:
Just to clarify, Cadillac is not connected to the hack of the @jeep Twitter account.
— Cadillac (@Cadillac) February 19, 2013
Yesterday caused quite a bit of chaos for Burger King. A few hours after the hijacking, the account was suspended. It eventually came back, though many of the tweets were still present. Burger King then protected its tweets and eventually issued an apology.
That was 16 hours ago, and the company hasn’t sent out a tweet since:
Interesting day here at BURGER KING®, but we’re back! Welcome to our new followers. Hope you all stick around!
— BurgerKing (@BurgerKing) February 19, 2013
Yet the party that really needs to be apologizing here is Twitter. Account hijackings are nothing new, and the company has been asked for years to implement two-factor authentication to help thwart such attacks.
Twitter has said before it is working on such a feature and further proof came recently via a “Software Engineer – Product Security” job posting with the following opportunities listed (first spotted by The Guardian two weeks ago):
- Design and develop user-facing security features, such as multifactor authentication and fraudulent login detection.
- Create custom security tools, like @brakeman and @SADB.
- Implement and contribute to emerging defenses, like Content-Security-Policy & Strict-Transport-Security.
- Lead code and design reviews for features shipping from throughout the company.
Aside from that, Twitter has stayed silent regarding beefing up security with such a move.
Update: MTV and BET look to be taking advantage of all the hype by acting as if their accounts were hacked. Before the questionable messages appeared, BET’s social media manager posted the following:
Image credit: kamil101