For the big guns in India, Twitter is no longer a safe place.
At 8.30 p.m. on Nov. 30, Rahul Gandhi, the heir of the Indian National Congress Party, India’s oldest political party, started tweeting a series of obscene posts to his 1.2 million followers. The half-a-dozen tweets posted in the next 40 minutes were demeaning and aimed at insulting Rahul Gandhi himself. His bio on Twitter was changed to “Retarded Gandhi.”
Shortly afterwards, a spokesperson for the Congress party confirmed that Gandhi’s account had been hacked. A hacker group, which calls itself ‘Legion’, took responsibility for the hack, though it didn’t disclose the motive behind it.
Hacking of @OfficeofRG proves lack of Digital safety around each one of us. Every digital info can be accessed, altered, morphed & modified.
- Randeep S Surjewala (@rssurjewala) November 30, 2016
The hacking didn’t stop there. The official account of the Congress Party, @IncIndia also suffered a security breach. At 10.27 a.m. on Dec. 30, the account tweeted, “For every retard our there who thinks we have a political agenda - No, we don’t.” Shortly afterwards, this account was restored too.
Twitter remained tight-lipped on the matter, saying it doesn’t comment on security breaches of individual accounts.
For a week, things were quiet. But early on the morning of Dec. 9, Legion struck again. This time, on the receiving end was Indian tycoon Vijay Mallya. The personally damaging tweets posted on his account, which revealed credentials of several of his email accounts, were live for the world to see for more than nine hours.
Mallya, who was once a member of India’s parliament, took the country by surprise in March when he quietly left the nation to find a new home in the UK. Mallya owes over a dozen Indian banks roughly $1.35 billion. A month after he left, the Indian government revoked his passport and issued a warrant for his arrest. The Indian government also wrote to the UK government requesting Mallya’s deportation. “Legion will find you, hack you, expose you,” the hacker group wrote in one of the tweets.
By now, it had become clear that Legion was after top public figures in India. And not only could it hack Twitter accounts, it was also able to hack other email accounts and intended to release a trove of personal emails and other information to the public. And the group was just getting started.
At midnight Dec. 9, it hacked the Twitter accounts of Barkha Dutt and Ravish Kumar, two prominent journalists with the NDTV news channel. Dutt is one of the most vocal English journalists in India. Best known for her coverage of the Kargil war, Dutt found herself in hot water in 2010, when she was accused of compromising her journalistic ethics. Legion has released a “partial dump” of 1.2GB of her personal emails.
Kumar is one of the most popular Hindi journalists in India. His storytelling and journalistic skills are often praised. So distinctive is his presenting style that earlier this year he turned off the video feed on his show as a protest against the dramatic, loud and mostly unnecessary debates on other news channels.
The series of hacks over the past few weeks has put a dent in Twitter’s image. In the aftermath, many wonder how secure their Twitter accounts are. Twitter remains tight-lipped on the matter, though according to a report, the social networking company believes the hackers aren’t exploiting its service to gain unauthorized access.
The group claims it has a bypass for Twitter two-factor authentication to get access to Twitter accounts.
That’s only partly true. One Legion member, who spoke to Mashable India over email, claimed that it has a bypass for Twitter two-factor authentication to get access to the account. “In the hacks in the past weeks, nothing was abused except Twitter’s password reset functionality,” he added.
“There is no zero-day vulnerability in Twitter currently being exploited by us,” the hacker says, insisting that the group targets the mail servers and “pawns the networks”.
“We also use our Twitter 2FA (two-factor authentication) bypass to get access to the account, when needed,” the member added. Twitter didn’t respond to Mashable India’s request for comment.
Legion sure seems confident about its ability to make its way into others’ Twitter accounts. When we asked if, hypothetically, it could hack India’s Prime Minister Narendra Modi’s account, the member replied with a “Yes.” What is more concerning is the amount of sensitive information the group is said to be sitting on. The group says it will release personal data of several individuals over the coming days. “Lots of them,” it adds.
The group is already in possession of “several terabytes of raw data concerning all sorts of ‘interests'” relating to several Indian public figures, it told the Washington Post.
Unlike many of its peers, Legion doesn’t have a clear motivation, it told Mashable India. It is just trying to “connect dots,” it said, without disclosing what the final picture looks like.
“We have affiliations only with the Blackhat underground - our influence comes from el8, zf0, ac1db1tch3z, h0no (hacking groups) and the affiliated groups of Project Mayhem and its sleeper cells like GoD,” the Legion member told us.
All the aforementioned groups have previously made public big holes in widely used services. The hacker group named “ac1db1tch3z”, for instance, took responsibility for exploiting the Linux kernel in 2010. ZF0 has previously targeted security experts and popular online hacking communities. Project Mayhem is a cult-like organization and is mentioned in the 1999 Brad Pitt movie ‘Fight Club’.
Legion says it is just getting started and India’s public figures should be worried. What remains unclear at the moment, however, is the impact this is going to have on Twitter in what has largely been a forgettable year for the company.