New York Post Twitter account hacked, UPI's also appears compromised

16.01.2015
The Twitter account of the New York Post was hacked, and UPI's was also apparently hit, the latest in a string of attacks that have hit the social media channels of high-profile organizations.

At just before 1pm EST, the first in what appear to be a string of false tweets was sent on the UPI account claiming the U.S. Federal Reserve had declared a banking holiday for later in January.

It was followed by a short series of tweets claiming that Chinese forces had fired an anti-ship missile at the U.S.S. George Washington, and that the U.S. ship had returned fire.

"US Joint Chief of staff: USS George Washington damaged, US navy now engaged in active combat against Chinese vessels in South China sea," read one tweet.

At the time, the U.S. Navy's website listed the George Washington as in its home port of Yokohama, Japan.

A further tweet showed purported to quote the Pope as saying "World War III has begun." It was accompanied by an image of Pope Francis that was taken in the Vatican. The Pope is currently on a visit to The Philippines.

About the same time, the New York Post's business section Twitter account also sent out messages claiming the Federal Reserve had called for negative interest rates.

The newspaper's business editor confirmed, via Twitter, that the main account had been hacked.

The incident comes days after the Twitter and YouTube channels of U.S. Central Command were attacked by hackers claiming allegiance to the Islamic State militant group.

When targeting social media accounts, hackers will usually try to either guess the password used or hijack an email address associated with the account and prompt a password reset message. Twitter offers a two-step authentication process to help guard against such attacks. It sends a PIN code to a cellphone that also needs to be entered to gain access, but for companies that can create a problem, especially when several people require access to the account.

As of time of writing, roughly 50 minutes after the first messages were sent, they remain visible.

Martyn Williams covers mobile telecoms, Silicon Valley and general technology breaking news for The IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn's e-mail address is martyn_williams@idg.com

Martyn Williams