Script Kiddies Lay Claim To NBC News Twitter Account Hack

The New Acunetix V12 Engine


There was a bit of a buzz on the 10th anniversary of 9/11 when the NBC News Twitter account was hacking and started posting updates regarding a repeated terrorist attack against ground zero.

It only lasted a few minutes but as the account has 120,000 followers – it caused quite a stir. It’s not known how the hackers who call themselves ‘Script Kiddies’ got access to the account, but my guess would be social engineering.

Hackers calling themselves the Script Kiddies took control of the NBC News Twitter account on Friday afternoon and used it to send out a series of hoax Twitter messages claiming there was a repeat terrorist attack on New York’s Ground Zero.

The Script Kiddies had control of the account, which has more than 120,000 followers, for about 10 minutes before it was suspended. During that time they sent three messages stating that hijackers had crashed two airplanes on the site of the Sept. 11, 2001, terrorist attacks. “This is not a joke, Ground Zero has just been attacked. We’re attempting to get reporters on the scene. #groundzeroattacked.” said one of the messages.

Then, a minute later, perhaps sensing that the jig was up, they wrote. “NBCNEWS hacked by The Script Kiddies. Follow them at @s_kiddies!”

That s_kiddies Twitter account was immediately suspended, but according to a cached version of the page, the group describes themselves as “Anonymous Supporters :: Hackers :: Exploiting simplistic methods with hilarious results :: Occasionally doing it for teh lulz :: We are The Script Kiddies.”

The hack was brought to an abrupt end fairly shortly and the perpetrators own Twitter account was also suspended – @s_kiddies.

No major damage was done, but it does interest me as to how this was achieved – it has happened numerous times to celebrities on Twitter. I would have thought a fairly serious news organization would have better controls and processes in place though.

This hack doesn’t have anything to do with the Anonymous group though, it seems to be for the lulz more than anything else.


This type of account compromise is a regular occurrence on Twitter, although it is typically celebrities, and not trusted news organizations, that fall victim. Often the accounts are taken over following a phishing attack. Script Kiddies did not respond to an email asking them how they managed to take over the NBC News account.

Script kiddies is a hacking term, referring to technically unsophisticated hackers who rely on automated scripts rather than hacking wiles to conduct their online attacks.

Friday wasn’t exactly a gold star day for accuracy on Twitter. Earlier in the day, an account associated with CBS News show “What’s Trending” erroneously posted a Twitter message citing rumors that Apple founder Steve Jobs had died. That message was quickly deleted and “What’s Trending” apologized.

I guess this may well be the new Web2.0 version of defacement for a new generation of Script Kiddies – breaking into high profile Twitter/Facebook accounts and spamming them with humorous or offensive updates.

I don’t think there will be any more to this story than what has already been published, I’m sure we’ll see many more similar cases in the future though.

Source: Network World

Posted in: Exploits/Vulnerabilities, Legal Issues, Privacy

, , , ,


Latest Posts:


RidRelay - SMB Relay Attack For Username Enumeration RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.
NetBScanner - NetBIOS Network Scanner NetBScanner – NetBIOS Network Scanner
NetBScanner is a NetBIOS network scanner tool that scans all computers in the IP addresses range you choose, using the NetBIOS protocol.
Metta - Information Security Adversarial Simulation Tool Metta – Information Security Adversarial Simulation Tool
Metta is an information security preparedness tool in Python to help with adversarial simulation and assess security defense preparation and alerts.
Powershell-RAT - Gmail Exfiltration RAT Powershell-RAT – Gmail Exfiltration RAT
Powershell-RAT is a Python-based Gmail exfiltration RAT that can be used a Windows backdoor to send screenshots or other data as an e-mail attachment.
SCADA Hacking - Industrial Systems Woefully Insecure SCADA Hacking – Industrial Systems Woefully Insecure
It seems like SCADA hacking is still a topic in hacker conferences, and it should be with SCADA systems still driving power stations, manufacturing plants etc.
airgeddon - Wireless Security Auditing Script airgeddon – Wireless Security Auditing Script
Airgeddon is a Bash powered multi-use Wireless Security Auditing Script for Linux systems with an extremely extensive feature list.


One Response to Script Kiddies Lay Claim To NBC News Twitter Account Hack

  1. Bogwitch September 14, 2011 at 8:43 am #

    So a new player in the ‘hack-for-publicity’ camp?
    At least they’re honest about what they’re doing. Using simple tools that are available to all and sundry, not writing their own exploit code.
    did they social engineer to get the password or brute-force it? Who cares. It was a wetware issue one way or another.
    I don’t expect s_kiddies will stay around for too long and if they do, perhaps they’ll only boast about hacking non-twitter sites on twitter; it seems that twitter aren’t keen to have their own site affected…