OurMine hacks Sundar Pichai's Quora account

OurMine, a three-man hacker outfit appears to have gained access to Google CEO Sundar Pichai’s Quora account. This group previously gained access to Facebook founder and CEO, Mark Zuckerberg’s Twitter and Pinterest accounts simply by finding out his password from the 2012 LinkedIn breach. The Facebook founder reused his password between his Twitter, LinkedIn and Pinterest accounts which invited this attack. The twitter handle of OurMine was suspended at the time of writing. However in the recent case of gaining access to Quora account, the group as reported by thenextweb.com, managed to break into the account by exploiting a vulnerability in the Quora’s platform, one that apparently was reported to the company with no response in terms of acknowledging or fixing. The team has hijacked social media accounts of YouTube gamer PewDiePie, ex-Twitter CEOs Ev Williams and Dick Costolo, Hollywood actor Channing Tatum, Amazon Vice President and Chief Technology Officer Werner Vogels, Writer Matthew Yglesias, Spotify CEO Daniel Ek, Award winning American blogger Ree Drummond and Businesswoman Randi Zuckerberg. OurMine is attempting to rebrand itself as a “security firm” and has offered to provide support to the ones it targets so that these breaches don’t get repeated. This strategy to gain new customers is different but apparently the company has already made $16,500 selling its services as reported by mic.com. It has mainly been advertising through the social media accounts of the personalities it has targetted and sometimes even tweeting to offer help and solutions to personalities like deadmau5 before taking over his sound cloud account. After following such unconventional approach of hijacking the accounts and yet insisting that they don’t change passwords or damage and distribute personal information, the group has faced flak for asking to be paid over tweets in exchange for the help they offer. In addition to this approach of linking back to their website on social media accounts and leaving their theme song as tweet or posts, they have also bounced from website to website advertising about their services until the notices have been taken down by the site owners. Some of the website owners have also started a change.org petition to shut down the group. The group has been banking on old password dumps and hoping that celebrities and tech elites use the same old passwords as the ones found in the password dumps. The group started as a hacker group in 2014 and a quick whois search does not reveal much apart from the fact that the website has been up since August 2014. It’s hard to trace the base of the team as it has been routing it’s traffic using VPN and the details in domain database also seem to be through a third-party registrar.