Christmas tree Trojan blamed for NBC News Twitter hack

Filed Under: Law & order, Malware, Social networks, Spam, Twitter

Ryan Osborn, MSNBCMore information has emerged which might shine a light on the tasteless hack this weekend on the NBC News Twitter account, which resulted in bogus postings about a 9/11-style terrorist attack.

The latest theory appears to be that the @NBCNews Twitter account was broken into by hackers after the email account associated with it was compromised through the use of a keylogger.

According to an MSNBC report, Ryan Osborn, NBC News's director of social media, could have been sent a spyware Trojan horse that grabbed passwords as they were typed at the keyboard.

Osborn says that he recently received a suspicious email as Hurricane Irene approached New York. The email had the following characteristics:

Hurricane Alert

Message body:
Ryan, You need to get off TWITTER immediately and protect your family from the hurricane. That is an order.

MSNBC, which is a sister company of NBC News, says that Osborn wrote back to his mystery correspondent saying "I'm sorry. Who is this?" and got the reply "I'm the girl next door", with a file attached.

Email conversation

Osborn says that when he opened the attachment it contained an image of a Christmas tree.

The supposition is that the Trojan horse installed a keylogger on Osborn's computer and was then able to gain unauthorised access to NBC News's Twitter account. With the keys to the castle, it was easy for the hackers - who claimed to be from a gang called the Script Kiddies - to post their moronic insensitive messages:

Tweets from the NBCNews Twitter account

To his credit, Osborn spotted the false messages on the NBC News Twitter account and - despite being locked out after the hackers changed the password - managed to get Twitter to shut down the account within minutes.

The FBI are now investigating the security breach. Hopefully, the emails sent to Osborn's computer have not been destroyed and might provide some clues as to the identity of those behind the moronic posts.

, , , , , , , , , , , , ,

You might like

3 Responses to Christmas tree Trojan blamed for NBC News Twitter hack

  1. Dave · 1447 days ago

    Apparently opening attachments in email from people you've never heard of is still common practice <facepalm>

    Thank you clueless people for my job security :)

  2. two cents · 1447 days ago

    I'm sorry - but why on earth would he open that attachment? While responding was questionable enough in my book, I suppose I can kind of understand that... but with such a random answer and an attachment... really? No name - what kind of picture was he expecting?

  3. Robert Gronson · 1445 days ago

    Whaddup, I used to be in a group with The Script Kiddies guy. I can assure you that the email with the picture of the tree had nothing to do with how it was hacked. We did not send any emails to that email address.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley