ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > OurMine

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Other threat group: OurMine

NamesOurMine (real name)
ATK 128 (Thales)
TAG-HA10 (?)
CountrySaudi Arabia Saudi Arabia
MotivationFinancial gain
First seen2016
DescriptionOurMine is known for celebrity internet accounts, often causing cyber vandalism, to advertise their commercial services.

(Trend Micro) In light of the recent report detailing its willingness to pay US$250,000 in exchange for the 1.5 terabytes’ worth of data swiped by hackers from its servers, HBO finds itself dealing with yet another security breach.

Known for hijacking prominent social media accounts, the self-styled white hat hacking group OurMine took over a number of verified Twitter and Facebook accounts belonging to the cable network. These include accounts for HBO shows, such as “Game of Thrones,” “Girls,” and “Ballers.”

This is not the first time that OurMine has claimed responsibility for hacking high-profile social networking accounts. Last year, the group victimized Marvel, The New York Times, and even the heads of some of the biggest technology companies in the world. Mark Zuckerberg, Jack Dorsey, Sundar Pichai, and Daniel Ek — the CEOs of Facebook, Twitter, Google and Spotify, respectively — have also fallen victim to the hackers, dispelling the notion that a career in software and technology exempts one from being compromised.
ObservedSectors: Casinos and Gambling, High-Tech, Media, Telecommunications.
Countries: UK, USA.
Tools used
Operations performedOct 2016BuzzFeed hacked by OurMine after it claimed to unmask one of its members
<https://www.theguardian.com/technology/2016/oct/05/buzzfeed-hack-ourmine-ahmad-makki-facebook-google>
Dec 2016Breach of Netflix and Marvel Twitter accounts
<https://techcrunch.com/2016/12/21/ourmine-hacks-netflixs-u-s-twitter-account/>
Dec 2016Breach of Nat Geo Photography’s Twitter account
<https://www.hackread.com/ourmine-hacks-nat-geo-photography-twitter-account/>
Jan 2017Breach of several Twitter accounts affiliated with WWE, including those of WWE Universe, WWE NXT, wrestler and celebrity John Cena, WrestleMania, WWE Network and Summer Slam
<https://mashable.com/2017/01/29/wwe-accounts-twitter-hack-ourmine/>
Apr 2017Breach of several Medium blogs
<https://fortune.com/2017/04/27/medium-ourmine-hack/>
Aug 2017Game of Thrones secrets revealed as HBO Twitter accounts hacked
<https://www.theguardian.com/media/2017/aug/17/game-of-thrones-secrets-revealed-as-hbo-twitter-accounts-hacked>
Aug 2017Breach of VEVO
Vevo, the joint venture between Universal Music Group, Sony Music Entertainment, Abu Dhabi Media, Warner Music Group, and Alphabet Inc. (Google’s parent company), was just hacked. Roughly 3.12TB worth of internal files have been posted online, and a couple of the documents reviewed by Gizmodo appear sensitive.
<https://gizmodo.com/welp-vevo-just-got-hacked-1813390834>
Aug 2017Breach of PlayStation social media accounts
<https://www.welivesecurity.com/2017/08/21/hackers-target-playstation/>
Aug 2017Breach of Twitter accounts of FC Barcelona and Real Madrid
<https://www.welivesecurity.com/2017/08/28/hacking-group-spanish-giants/>
Sep 2017Breach of DNS records of WikiLeaks
<https://www.grahamcluley.com/despite-appearances-wikileaks-wasnt-hacked/>
Jan 2020OurMine crew hijacks social media accounts for the NFL, the 49ers, Cardinals, Bears, Bills, Broncos, Browns, Bucs, Cowboys, Colts, Chiefs, Eagles, Giants, Packers, Texans, and Vikings.
<https://www.zdnet.com/article/hackers-hijack-twitter-accounts-for-chicago-bears-and-green-bay-packers/>
Feb 2020Breach of Facebook's Twitter, Instragram, Messenger's Twitter and Messenger's Instagram accounts
<https://www.zdnet.com/article/hackers-deface-facebooks-official-twitter-and-instagram-accounts/>
Feb 2020Breach of the official Twitter accounts of FC Barcelona, the Olympics and the International Olympic Committee (IOC)
<https://www.welivesecurity.com/2020/02/17/fcbarcelona-twitter-account-hacked-again/>
Information<https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/hbo-twitter-and-facebook-accounts-hacked-by-ourmine>
<https://en.wikipedia.org/wiki/OurMine>

Last change to this card: 20 April 2020

Download this actor card in PDF or JSON format

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key