Officials in Tampa, Florida, were scrabbling to regain control of the mayor’s Twitter account this week after a hacker hijacked it to post bomb threats and child sex abuse images. The attacker, who took over the account just two weeks before the city’s municipal elections, tried to implicate others in the hijacking.
Mayor Bob Buckhorn’s account is normally filled with pro-Tampa messages. He encourages developers to submit innovative ideas for urban expansion and promotes owner-occupied home repair programs. Early on Thursday morning, however, things went sideways. The mayor’s account was hacked to post messages, most of which were too vile to reproduce here.
The imposter’s tweets included racist and sexist tweets, images of pornography, and child sex abuse images tagging personalities in the gaming community. There was also this tweet:
In another tweet, the hacker reportedly tweeted Tampa airport with this message:
I have hidden a bomb in a package somewhere…Looking forward to seeing some minorities die.
Tampa City Hall was quick to correct the record, with communications director Ashley Bauman issuing the following statement:
Earlier this morning we noticed someone hacked Mayor Buckhorn’s twitter account, this was clearly not Mayor Buckhorn. Upon noticing the hack we immediately began investigating these reprehensible tweets.
We will work with our Tampa Police Department as well as all investigators to figure out how this breach was made. We urge residents to change their passwords and continue to alert officials when they see an unlikely change in account activity. We are working with law enforcement to investigate all threats made by this hack.
However, City Hall still spent five hours wresting control of the account back from the hacker. After working with Twitter, it finally gained access at 9am Eastern time on Thursday, at which point it was able to delete the offending tweets.
The first illegitimate tweet on Buckhorn’s account attributed the hack to three separate people on Twitter, at least two of whom operate online gaming servers. At least one of the three people denied the claim outright:
A verified account was hacked and they tweeted that I hacked it, fyi it was not me, and the same people who hacked it are probably going to try and get my twitter suspended for impersonation due to an exploit (for the 4th time) (@TwitterSupport)— Colby (@MeeZoid) February 21, 2019
The attacker also changed the account for a while to make it seem as though Salem, Oregon, resident Gunner Levy was responsible. Levy has been the victim of other impersonation attacks, including SWATting, before. Someone alerted police that he was going to attack a local school, he told reporters, adding:
This is all just over arguing online.
Most people seem to realise that the attack was a hack pretty quickly, thanks to the egregious nature of the tweets. What would be more worrying is if someone began issuing threats that looked credible.
How did the attacker get in? Experts rolled out the usual weaknesses, including poor passwords.
With that in mind, the use of passphrases or strong passwords with random characters, and the avoidance of words found in the dictionary, are all useful approaches to help protect your Twitter password. Better still is the use of 2FA, which Twitter supports.
The Tampa elections will be held on 5 March, but early voting begins today.