Hackers Are Using An Effective Way to Spread Fake News From Verified Accounts
Now, researchers have uncovered a new, cunning attack technique currently being used by hackers to take over verified Twitter accounts and rename them to influential people in order to spread fake news. Dubbed DoubleSwitch, the attack begins with a simple account takeover, but then the hackers change the username and display name with the one having a large influence on social media.
This attack was discovered when two journalists — Milagros Socorro and Miguel Pizarro, a member of Venezuela's parliament — were hacked and then renamed. The hacker then registered a new account, resembling with their original profiles, under the original usernames (Twitter handles), but using the attacker's controlled email addresses.
This means, every time victims try to recover their accounts using regular password reset option, the confirmation emails will be sent to the hijacker, who pretends that the issue has been resolved, making it almost impossible for the victims to recover their account.
Hackers then use hijacked verified accounts, but renamed to another influence, to feed fake news to the millions of followers of the original accounts. While it's unclear how the hackers managed to hijack the verified users at the first place, it is believed that the attack begins with malware or phishing attacks.