Navy Warship's Facebook Page Hacked to Stream 'Age of Empires' Gaming – Threatpost

Newsletter
Join thousands of people who receive the latest breaking cybersecurity news every day.
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.
The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.
Share this article:
The destroyer-class USS Kidd streamed hours of game play in a funny incident that has serious cybersecurity ramifications.
The official Facebook page of a destroyer-class Navy warship, the USS Kidd, has gone rogue: Someone has taken over the page in order to…stream Age of Empires play.
Age of Empires is a real-time online multiplayer strategy game in which the objective is to advance one’s civilization. Players “build, settle, trade and fight” their way from the Stone Age into the future, reaching certain milestones (inventing the wheel, ending feudalism) along the way. In the USS Kidd incident, practical jokers have anthropomorphized the warship, so that it appears to be having a great time playing the addictive game:

The pranksters have also changed the page type listing in the “About” information to “Gaming Video Creator.”
The incident was first reported by military news specialist Task & Purpose, which said that the USS Kidd‘s page was officially taken over at 10:26 p.m. on Sunday. The hijacked page of the warship, which finished up its latest active deployment in late September, then posted a joyful “Hahahahaha” and commenced four hours of live Age of Empires action.
One person commented on the post, “Just in time for Cyber Awareness month.”
Infosec Insiders Newsletter
Another five livestreams of the game followed before the posts stopped the next day, on Oct. 4. The posts garnered tens of thousands of views and hundreds of amused comments, including thoughts on the ship’s gaming prowess (i.e., “this guy is awesome but can’t get out of the Stone Age”).
And indeed, it never did progress – not great for a ship whose motto is “On to Victory.”
For its part, the Navy admitted the attack: “The official Facebook page for USS Kidd (DDG 100) was hacked,” Cmdr. Nicole Schwegman, a Navy spokesperson, confirmed to Task & Purpose on Tuesday. “USS Kidd‘s Facebook page had an unauthorized access from an unknown entity.”
In an update on Thursday, she said, “access has been secured by Facebook, and once their procedures are complete we’ll regain access to the page.” However, the page is still not recovered as of press time (4:15 p.m. ET on Oct. 7).
Obvious humor value aside, there are serious security concerns underlying the incident, researchers pointed out. Essentially, the U.S. Navy lost control of the page and could do nothing but watch (literally) as unauthorized people posted unauthorized content.
“It’s easy to look at a compromised Facebook page and think that it’s no big deal,” said Jake Williams, co-founder and CTO at BreachQuest. “But many military units use Facebook pages as an official communication channel, particularly for family-readiness groups. A threat actor compromising an official Facebook page could create confusion and morale problems.”
As for speculating about the cause of the hack, reused credentials might be a good bet, he added.
“Unfortunately, many official pages are managed using a shared login, and as a result, multifactor authentication (MFA) is not enabled,” he said. “Where possible, organizations should not use shared logins for official pages. Instead, they should delegate control of the pages to individual accounts and ensure they have MFA enabled.”
Social-media account takeover (ATO) is a popular activity for cyberattackers, who are putting more and more resources into the activity. For instance, a malware called CopperStealer was recently discovered targeting Facebook and Instagram accounts, along with Apple, Amazon, Bing, Google, PayPal, Tumblr and Twitter credentials.
Crooks can monetize the data by selling credential collections that can be used for brute-force attacks against other, higher-value accounts; they can cause reputational damage through impersonation and rogue posts; or they can use the account to mount malware or phishing attacks on the followers or friends of the original account owner.
Check out our free upcoming live and on-demand online town halls – unique, dynamic discussions with cybersecurity experts and the Threatpost community.
Share this article:
A researcher combed through the Twitch leak and found what they said was evidence of PayPal chargebacks with names and emails; employees’ emails; and more.
The possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users.
An anonymous user posted a link to a 125GB torrent to 4chan yesterday, containing all of Twitch’s source code, comments going back to its inception and more.

This site uses Akismet to reduce spam. Learn how your comment data is processed.
Join thousands of people who receive the latest breaking cybersecurity news every day.
The rare #UEFI #bootkit drops a fully featured #backdoor on PCs and gains the ultimate persistence by modifying the… https://t.co/YXOpYszUZc
2 days ago
Get the latest breaking news delivered daily to your inbox.
The First Stop For Security News
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.

source