hack

After Vijay Mallya, NDTV journalists Barkha Dutt and Ravish Kumar’s Twitter accounts have been hacked, with data such as email passwords posted by the hacker group ‘Legion’ through their Twitter account.

The hack is similar to both Rahul Gandhi’s and other Congress members Twitter account hacks or Vijay Mallya’s account hack last week. It’s not clear how hackers keep gaining access to Twitter and related accounts, and Twitter had continued being silent on this matter. The offending Tweets however, have been taken down for now. Interestingly one of the Tweets taken down claimed that the next target would be ex-IPL boss Lalit Modi.

barkhadutttwitterhack

Data dump:
Mirroring the previous hacks, the hackers have threatened to dump email data from both the journalists, and apparently dumped 1GB of email files too, although this couldn’t be verified. Note that while the hackers did dump some data in Mallya’s case, its authenticity was not clear. Additionally, the group’s threats to release dumps of Congress files are yet to come true. A screenshot of Ravish Kumar’s hacked Twitter account here.

New India centric hacker group?

Note that while we speculated before that the hacker’s use of “We are Legion”, a statement typically linked to the hacktivist group of anonymous hackers, suggested the group Anonymous at play rather than an independent group called Legion. However, it increasingly looks like this outfit is independent from the group Anonymous – it picks only India-centric targets, and the hacker group Anonymous is yet to make a claim. Additionally, it looks like the person responsible gave the Washington Post an interview, claiming “(we) ended up with access to over 40k+ servers in India, and we decided — hey, why not write a tool to sift through them for interesting data?”

As we have mentioned before, often accounts get compromised because of access permissions given to other applications, which use Twitter authentication, and seek permission to post details.

You can remove applications’ permission to access your twitter account here.