The recent hacking of Indian Prime Minister Narendra Modi’s Twitter account throws fresh questions into how Twitter secures its keys, educates employees about cyber threats, and protects the accounts of millions of users worldwide.
Around midnight on Wednesday, the verified Twitter account of Indian Prime Minister Narendra Modi, which enjoys over 2.5 million followers, was hacked, allowing the hackers to post several messages asking his followers to donate Bitcoin to a wallet address.
“I appeal to you all to donate generously to PM National Relief Fund for Covid-19, Now India begin with cryptocurrency,” one of the tweets read. The move was certainly an attempt to leverage the account’s wide reach to lure people into donating Bitcoin into a Bitcoin wallet owned by the fraudsters.
The hacking of Modi’s Twitter account took place shortly after CERT-In, India’s computer emergency response team, warned that hackers were targeting users of an email service for the Government of India (email.gov.in) that is used by ministers, bureaucrats, various functionaries, and the Prime Minister himself.
According to CERT-In, hackers were sending phishing emails to users of the email service, asking them to click on fake domains designed to mimic genuine government ones. The hackers used fake domains such as email-gov.in, emalegovin.webhostapp.com, and safebrowsinginddia.webhostapp.com to lure recipients into clicking on such links.
“The campaign often involves emails pretending to be from NIC asking users to “verify” their accounts or other such pretexts. The email contains a link to one of the spoofed websites which steal the user’s login credentials.
“Further, it has been observed that successfully phished email accounts are then used to send malware-containing emails to other sensitive government organisations and users. These mails contain topical and context-aware content to lure the target into opening the malicious attachment, thus infecting the system. The malware can then create persistence inside the targeted organisations’s network, and be used for various malicious activities such as stealing sensitive data,” CERT-In added.
Latest hacking incident similar to the massive hack of Twitter accounts in July
The use of Modi’s hacked Twitter account to ask his followers to donate Bitcoin to a certain wallet is very similar to the actions of a group of fraudsters who hacked the Twitter accounts of celebrities like Tesla CEO Elon Musk, former Microsoft boss Bill Gates, former U.S. President Barack Obama, Democratic candidate Joe Biden, Amazon CEO Jeff Bezos, Kanye West, and the official Twitter accounts of Apple and Uber in July.
Having gained control over these accounts, spammers proceeded to tweet Bitcoin exchange deals, asking Twitter users to send certain amounts of BTC to a specified wallet address and receive a large sum in return. Considering these offers came from global celebrities themselves, many Twitter users fell for it,…