Feeds

Russian PM's Twitter hacked to slap down Putin, post fake resignation

Mischief-makers also 'ban electricity'

Choosing a cloud hosting partner with confidence

The Twitter feed of the Russian prime minister was hacked on Thursday to post false claims that Dmitry Medvedev had resigned to try his hand as a freelance photographer.

The Russian-language profile, which boasts more than 2.5 million followers, was also updated with messages criticising Russia's president, Vladimir Putin.

Another tweet from the compromised @MedvedevRussia account proposed "banning electricity", the BBC reports.

Shaltay-Boltay, a Russian hacking collective, claimed responsibility for the twitjacking – which appears to have been motivated by a mixture mischief and protest against recent internet restrictions introduced by Russian lawmakers.

"I resign. I am ashamed of the government's actions. I'm sorry," the hijackers said.

Medvedev's office quickly confirmed his account had been hacked and the messages were bogus, Reuters reports.

RT adds that Medvedev's account was hacked at approximately 10:20am Moscow time (07:20 BST). "The hacker produced a flurry of tweets over the 40 minutes he or she was in control," RT reports.

The offending posts were quickly deleted from the seized @MedvedevRussia account, a check by El Reg confirmed.

There's nothing to suggest the hack has anything to do the ongoing conflict in eastern Ukraine.

The BBC adds that the Russian government blocked Shaltay-Boltay's (Russian for Humpty Dumpty) internet blog last month. A site run by the apparently Anonymous-affiliated group, b0ltai.org, is up and running and available to those outside Russia.

Medvedev's English-language Twitter account (@MedvedevRussiaE, 790k followers) was not seized by the attack which, judging by previous similar attacks against celebrities, was probably enabled by weak password security practices by the Russian politician's back room team. Both @MedvedevRussia and @MedvedevRussiaE are verified accounts, but that's a process that only shuts out imposters rather than doing anything one way or another about account hijacking or hacking. Technologies such as two-factor authentication can guard against hijacking, but even they are not foolproof.

Hackers at Shaltay-Boltay also claimed the group had infiltrated several email accounts (Gmail, Timakova and mail.ru) and three iPhones of the Russian prime minister and former president. No solid evidence for the claims was put forward, although they have to be regarded as suspect given reports that Russia is ditching US Apple Corp. kit for government business.

The hackers did post photos and other content from the Medvedev's supposedly pwned Gmail on their site, along with a disclaimer that "all of the above (including the mail file) is a fiction. Any resemblance to real people or events is coincidental."

What the hackers "fictionally claim" to have found is – according to their account – pretty dull. "In general, it's pretty boring and quiet," they write, according to a translation by Google. "The impression is that Dmitry is allowed only to edit some of his speeches and photograph the sights in the places where he appears."

The hackers claimed they'd used the Gmail account supposedly run by Medvedev in an unsuccessful attempt to import a Casio digital watch through Amazon, and said that had been refunded on 1 April. The refund was due to the fact that the shipping address was undeliverable.

We can't help Shaltay-Boltay over-egged the pudding with this highly implausible claim.

Medvedev has had problems with security on the interwebs before. The prime minister denounced online vandals who launched an attack against the site that hosts his LiveJournal blog site back in April 2011, during the time Putin's political number two was president keeping the presidential seat warm for the Kremlin hard man. ®

Internet Security Threat Report 2014

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
Carders punch holes through Staples
Investigation launched into East Coast stores
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.