A group is attacking governmental accounts in Latam

The campaign began in Spain, where Twitter accounts of several municipalities were hijacked.

Unknown persons hacked the official Twitter account of the Jalisco Prosecutor’s Office on August 16, 2019. Those responsible changed the profile picture and account description, putting an image with hands holding bills. The attackers also left a message that said: “This account has been hacked by corruption.”

The State Government announced that the Cyber Police of the agency itself initiated investigations to find those responsible for the attack.  

“We categorically refuse to be the origin of the messages that are issued from this account, as long as their control is not regained. We condemn these attacks that represent an attack on freedom of information by an official agency,” the Jalisco government said in a statement.

Similar attacks in Latin America

The modus operandi of the attackers is similar to other attacks registered in Latin America and Europe, so the Mexican Ministry of Security and Protection (SSPC) published a bulletin stating that these attacks are part of a campaign that every time It has more participants.

The campaign began in Spain, where Twitter accounts of several municipalities were victims of this attack; among them the city councils of Albacete, Valencia, and Pamplona.

After new attacks in Argentina and Mexico, the proactive threat detection company ESET Latin America warned about the existence of a campaign of attacks aimed at the kidnapping of social media accounts of public bodies and officials in different countries of Latin America and Europe. 

So far, reports indicate that these attacks have been recorded in Argentina, Spain, Guatemala, Mexico, El Salvador, and Panama, but the strikes are expected to spread to other countries.

After the attacks in Mexico, accounts of public agencies in Argentina joined the list of victims of this kind of attack.

The attacks have pointed to the kidnapping of Twitter profiles, where once they manage to take control of the accounts, the attackers publish the message “this account has been hacked by corruption.” Also, the actors behind this operation published insults and threats against public officials of the countries in question. On the other hand, according to the statement, the possibility that the attacks are directed to the profiles of other social networks that have a weak configuration from security is not ruled out.

In most cases, in addition to the messages, the attackers exchange the profile picture for a two-handed image by exchanging tickets and modifying the account description.

In Mexico, the official account of the State Secretariat of Public Security of Quintana Roo, and that of the Jalisco State Prosecutor’s Office suffered the same attack, in which, in addition to the changes as mentioned earlier, they published threatening messages against the Mexican president. Hours later, the authorities managed to restore the account and confirmed the incident.

In the case of Argentina, last Thursday, August 15, the Twitter account of the Government of Chubut was compromised. As in the other cases, the attackers also modified the profile picture and description and included a series of insults against the Argentine president.

From the Undersecretary of Public Information of the provincial government, the fact was confirmed by highlighting that the comments made during the attack on the account do not reflect the opinion of the Provincial Executive Power, so the corresponding complaint was made.

For its part, Twitter remembers that in case of suffering an attack, they must request the reset of the password from the following form created for this purpose. For more information about what to do in case your Twitter account is hijacked, go to the next official page.

“As preventive measures for these types of attacks, it is convenient to periodically change the password, using the characteristics of robust passwords, which are difficult to guess and easy to remember. Also, it is convenient to configure the double authentication factor and to install, configure and update reliable security solutions, on the devices from which social network accounts are accessed,” says Camilo Gutierrez, Head of the ESET Research Laboratory Latin America.