Swedish government party got their Twitter account bitcoin-hijacked – now the hackers reveal how and why they did it

Swedish government party got their Twitter account bitcoin-hijacked – now the hackers reveal how and why they did it.

Image source: Socialdemokraterna / Facsimile, Twitter

Christian Ploog

christian.ploog@trijo.co

Totte Löfström

totte.lofstrom@trijo.co

Recently, the Swedish Social Democratic Party got their Twitter account hacked. Now, the people behind the attack reveal how they did it – and what the purpose was.

During Monday night (CEST), the Swedish Social Democratic Party got their Twitter account hacked. Among other things, the name of the account was changed to “Bitcoin Democrats”, and tweets claiming that Stefan Löfven resigns as prime minister and that the Swedish krona (SEK) would be replaced by bitcoin were published.

Swedish Social Democratic Party's Twitter account hacked.

Swedish Social Democratic Party’s Twitter account hacked. Text in Swedish: “We have abolished the Swedish krona and replaced it with bitcoin, time to buy!”. Image source: Twitter

After getting in touch with one of the people behind the hacker attack, Trijo News can now reveal how the hijacking of the Swedish Social Democratic Party’s Twitter account went down and what the purpose was.

The method that allegedly was used was that the hackers manipulated Twitter’s support to exploit the function to reset an account’s password.

According to the source, who has presented credible evidence of the hijacking, there were a total of five people behind it.

“I basically contacted Twitter’s support pretending to be Stefan Löfven. Twitter used to be really good with verifying identities until we found a way to get past them”, the source writes to Trijo News.

Asked to change email

The person contacted Twitter and asked for help to change the email address for the Social Democratic Party’s Twitter account. At the same time, they created a new domain name that contained the party’s name and whose server the email address would be hosted on. Twitter, in turn, asked for official documentation that would prove the person’s identity.

When you have come this far in the process, it is basically guaranteed that you will have access to the Twitter account you are targeting, according to the source.

“Once we got that email, I got creative and started writing a document. At first, me and my friends, who were in on this, had a good laugh because our final result document looked like a joke”, the source writes.

Fake document about the Swedish Social Democratic Party.

The fake document that the hackers sent to Twitter.

After a few days, Twitter replied that the email address had been replaced and that the new one now was connected to the Social Democratic Party’s Twitter account. But since the Social Democratic Party also had a phone number linked to the Twitter account, the hackers had to contact Twitter’s support again and ask to manually get a link to reset the password.

Reset password for the Swedish Social Democratic Party's Twitter account.

Image source: Twitter

“We clicked on the link they gave us and set up a new password”, the source continues.

After this, the account was hijacked.

According to the source, it took Twitter about 30 minutes to realize something was wrong.

Why did you do this?

“As a fun thing, really. We were informed about this method and thought we should try it out. Then we all came to the conclusion that this was way too overpowered. Hence why we’re releasing it to get it patched”, the source tells Trijo News and continues:

“You see, it’s clear that hacking no longer is defined as rooting a server to acquire state secrets. Hacking nowadays is staying one step ahead of technical support.”

But some kind of political motive seems to have influenced the choice of target.

“I just find socialism wrong. I’ve always had a survival of the fittest-instinct kinda, and whoever can’t make their own money is just being lazy”, says the source.

Raises questions

When Trijo News contact the Social Democratic Party, they decline to comment on what actions they have taken to avoid this in the future, referring to security reasons. But according to John Zanchi, head of election at the party, this is not the first time they are the subject of digital attacks.

“Of course, this raises questions when it comes to security and this is something that we will take into account when we discuss future strategies for digital platforms, also with our providers”, says John Zanchi to Trijo News.

Easier to hack the human than the computer

According to Christopher Jämthagen, an expert on IT security, this case mainly shows that Twitter is not up to date with their safety routines.

“If the data is correct, this completely clears the Social Democratic Party, and the blame will instead be on Twitter, which turns out to have inadequate procedures for account recovery”.

He believes that today’s hackers do not necessarily need deep technical knowledge to hijack accounts on different websites.

“Instead, it is social skills and social engineering that are behind many of today’s hacker attacks, and we see this in this case as well. Hacking the person behind the computer is easier than hacking the computer itself”, says Christopher Jämthagen.

Trijo News has unsuccessfully reached out to Twitter for comment.

Follow Trijo News on FacebookTwitter and Instagram.

Keep up with the latest news

Read more