We woke up to the news of the hacking of the official Twitter account of the Kenya Defence Forces. A certain @Anon_0x03 claimed responsibility hacking the KDF account and that of the force's liaison officer Maj Emmanuel Chirchir. The hacker initially claimed he/she was a member of the global hacking group 'Anonymous'.
#cartels run Kenya. #sugar, #insecurityKE, #corruptionKE, #ivorytraffickingKE, #rhinopoachingKE
-- Kenya Defence Forces (@kdfinfo) July 21, 2014
The hackers tweeted: "WARNING: Possible nuclear leak in the region after 2 rockets hit Dimona nuclear facility" IDF deleted the tweet and admitted the account had been compromised, adding that they were "dealing with the issue" and "we will combat terror on all fronts including the cyber dimension". Several international media outlets twitter accounts have also been hacked including the BBC, The Guardian, CBS and The Associated Press. ZERO confirmation to this tweet just put out by @AP: "Breaking: Two Explosions in the White House and Barack Obama is injured.
-- Anonymous (@YourAnonNews) April 23, 2013
While there are instances where hackers use sophisticated algorithms to hack Twitter accounts, most breaches are a result of human error. Very weak passwords and using the same password across different websites that require password authentication is probably the number one cause of hacked accounts.
You could also be setting yourself up for hacking by allowing suspicious third-party apps and websites to access your account. Once hackers get hold of a database of a website or app with weak security, it is easy to get hold of passwords and run the same on secure platforms like Twitter because, well... we tend to use the same passwords.
Twitter support gives you steps on how to detect an account that has been hacked and which steps to take, but largely the first level of security starts with your own diligence.
If you have come across these tweets or a DM: "OMG. Is this you?" or "How to lose weight without breaking a sweat" accompanied with a URL, please do not click, even if it's from a trusted follower. Malicious malware and viruses can be used to access your password and you might be falling right into the trap of a hacker.
There is a high likelihood @kdfinfo and @MajorEChirchir accounts are managed by one person or had the same password, hence the reason they were hit at the same time. Fortunately for KDF, Twitter provides a quick and effective way of reclaiming an account from hackers.