Christmas tree Trojan blamed for NBC News Twitter hack

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Ryan Osborn, MSNBCMore information has emerged which might shine a light on the tasteless hack this weekend on the NBC News Twitter account, which resulted in bogus postings about a 9/11-style terrorist attack.

The latest theory appears to be that the @NBCNews Twitter account was broken into by hackers after the email account associated with it was compromised through the use of a keylogger.

According to an MSNBC report, Ryan Osborn, NBC News’s director of social media, could have been sent a spyware Trojan horse that grabbed passwords as they were typed at the keyboard.

Osborn says that he recently received a suspicious email as Hurricane Irene approached New York. The email had the following characteristics:

Sign up to our free newsletter.
Security news, advice, and tips.

Subject:
Hurricane Alert

Message body:
Ryan, You need to get off TWITTER immediately and protect your family from the hurricane. That is an order.

MSNBC, which is a sister company of NBC News, says that Osborn wrote back to his mystery correspondent saying “I’m sorry. Who is this?” and got the reply “I’m the girl next door”, with a file attached.

Email conversation

Osborn says that when he opened the attachment it contained an image of a Christmas tree.

The supposition is that the Trojan horse installed a keylogger on Osborn’s computer and was then able to gain unauthorised access to NBC News’s Twitter account. With the keys to the castle, it was easy for the hackers – who claimed to be from a gang called the Script Kiddies – to post their moronic insensitive messages:

Tweets from the NBCNews Twitter account

To his credit, Osborn spotted the false messages on the NBC News Twitter account and – despite being locked out after the hackers changed the password – managed to get Twitter to shut down the account within minutes.

The FBI are now investigating the security breach. Hopefully, the emails sent to Osborn’s computer have not been destroyed and might provide some clues as to the identity of those behind the moronic posts.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.