Feeds

Russian PM's Twitter hacked to slap down Putin, post fake resignation

Mischief-makers also 'ban electricity'

Secure remote control for conventional and virtual desktops

The Twitter feed of the Russian prime minister was hacked on Thursday to post false claims that Dmitry Medvedev had resigned to try his hand as a freelance photographer.

The Russian-language profile, which boasts more than 2.5 million followers, was also updated with messages criticising Russia's president, Vladimir Putin.

Another tweet from the compromised @MedvedevRussia account proposed "banning electricity", the BBC reports.

Shaltay-Boltay, a Russian hacking collective, claimed responsibility for the twitjacking – which appears to have been motivated by a mixture mischief and protest against recent internet restrictions introduced by Russian lawmakers.

"I resign. I am ashamed of the government's actions. I'm sorry," the hijackers said.

Medvedev's office quickly confirmed his account had been hacked and the messages were bogus, Reuters reports.

RT adds that Medvedev's account was hacked at approximately 10:20am Moscow time (07:20 BST). "The hacker produced a flurry of tweets over the 40 minutes he or she was in control," RT reports.

The offending posts were quickly deleted from the seized @MedvedevRussia account, a check by El Reg confirmed.

There's nothing to suggest the hack has anything to do the ongoing conflict in eastern Ukraine.

The BBC adds that the Russian government blocked Shaltay-Boltay's (Russian for Humpty Dumpty) internet blog last month. A site run by the apparently Anonymous-affiliated group, b0ltai.org, is up and running and available to those outside Russia.

Medvedev's English-language Twitter account (@MedvedevRussiaE, 790k followers) was not seized by the attack which, judging by previous similar attacks against celebrities, was probably enabled by weak password security practices by the Russian politician's back room team. Both @MedvedevRussia and @MedvedevRussiaE are verified accounts, but that's a process that only shuts out imposters rather than doing anything one way or another about account hijacking or hacking. Technologies such as two-factor authentication can guard against hijacking, but even they are not foolproof.

Hackers at Shaltay-Boltay also claimed the group had infiltrated several email accounts (Gmail, Timakova and mail.ru) and three iPhones of the Russian prime minister and former president. No solid evidence for the claims was put forward, although they have to be regarded as suspect given reports that Russia is ditching US Apple Corp. kit for government business.

The hackers did post photos and other content from the Medvedev's supposedly pwned Gmail on their site, along with a disclaimer that "all of the above (including the mail file) is a fiction. Any resemblance to real people or events is coincidental."

What the hackers "fictionally claim" to have found is – according to their account – pretty dull. "In general, it's pretty boring and quiet," they write, according to a translation by Google. "The impression is that Dmitry is allowed only to edit some of his speeches and photograph the sights in the places where he appears."

The hackers claimed they'd used the Gmail account supposedly run by Medvedev in an unsuccessful attempt to import a Casio digital watch through Amazon, and said that had been refunded on 1 April. The refund was due to the fact that the shipping address was undeliverable.

We can't help Shaltay-Boltay over-egged the pudding with this highly implausible claim.

Medvedev has had problems with security on the interwebs before. The prime minister denounced online vandals who launched an attack against the site that hosts his LiveJournal blog site back in April 2011, during the time Putin's political number two was president keeping the presidential seat warm for the Kremlin hard man. ®

New hybrid storage solutions

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.