Russian PM's Twitter hacked to slap down Putin, post fake resignation
Mischief-makers also 'ban electricity'
The Twitter feed of the Russian prime minister was hacked on Thursday to post false claims that Dmitry Medvedev had resigned to try his hand as a freelance photographer.
The Russian-language profile, which boasts more than 2.5 million followers, was also updated with messages criticising Russia's president, Vladimir Putin.
Shaltay-Boltay, a Russian hacking collective, claimed responsibility for the twitjacking – which appears to have been motivated by a mixture mischief and protest against recent internet restrictions introduced by Russian lawmakers.
"I resign. I am ashamed of the government's actions. I'm sorry," the hijackers said.
Medvedev's office quickly confirmed his account had been hacked and the messages were bogus, Reuters reports.
RT adds that Medvedev's account was hacked at approximately 10:20am Moscow time (07:20 BST). "The hacker produced a flurry of tweets over the 40 minutes he or she was in control," RT reports.
The offending posts were quickly deleted from the seized @MedvedevRussia account, a check by El Reg confirmed.
There's nothing to suggest the hack has anything to do the ongoing conflict in eastern Ukraine.
The BBC adds that the Russian government blocked Shaltay-Boltay's (Russian for Humpty Dumpty) internet blog last month. A site run by the apparently Anonymous-affiliated group, b0ltai.org, is up and running and available to those outside Russia.
Medvedev's English-language Twitter account (@MedvedevRussiaE, 790k followers) was not seized by the attack which, judging by previous similar attacks against celebrities, was probably enabled by weak password security practices by the Russian politician's back room team. Both @MedvedevRussia and @MedvedevRussiaE are verified accounts, but that's a process that only shuts out imposters rather than doing anything one way or another about account hijacking or hacking. Technologies such as two-factor authentication can guard against hijacking, but even they are not foolproof.
Hackers at Shaltay-Boltay also claimed the group had infiltrated several email accounts (Gmail, Timakova and mail.ru) and three iPhones of the Russian prime minister and former president. No solid evidence for the claims was put forward, although they have to be regarded as suspect given reports that Russia is ditching US Apple Corp. kit for government business.
The hackers did post photos and other content from the Medvedev's supposedly pwned Gmail on their site, along with a disclaimer that "all of the above (including the mail file) is a fiction. Any resemblance to real people or events is coincidental."
What the hackers "fictionally claim" to have found is – according to their account – pretty dull. "In general, it's pretty boring and quiet," they write, according to a translation by Google. "The impression is that Dmitry is allowed only to edit some of his speeches and photograph the sights in the places where he appears."
The hackers claimed they'd used the Gmail account supposedly run by Medvedev in an unsuccessful attempt to import a Casio digital watch through Amazon, and said that had been refunded on 1 April. The refund was due to the fact that the shipping address was undeliverable.
We can't help Shaltay-Boltay over-egged the pudding with this highly implausible claim.
Medvedev has had problems with security on the interwebs before. The prime minister denounced online vandals who launched an attack against the site that hosts his LiveJournal blog site back in April 2011, during the time Putin's political number two was president keeping the presidential seat warm for the Kremlin hard man. ®