Hacker plays cat-and-mouse with the EBRD’s Twitter account

Hacker plays cat-and-mouse with the EBRD's Twitter account

The European Bank for Reconstruction and Development (EBRD) is not having the best of mornings, as itself admitted.

Good morning

Not such a great morning, in fact

We have been hacked but now hope that the situation is under control

Earlier today the bank’s @EBRD Twitter account, and that of its sister account @EBRDgreen, were hijacked by a hacker who began to post the kind of messages you don’t normally expect to see from an international financial institution.

Tweet dirty coin

And it seemed the hacker was actually courting the media’s attention by, for instance, tagging BBC home affairs correspondent Daniel Sandford in one message.

Ebrd bbc tweet

Of course, it’s sadly not unusual for Twitter accounts to be breached, but what makes this case somewhat unusual is the very public cat-and-mouse struggle that the EBRD seemed to be having with its hackers.

At one point some may have found it hard to tell which were the genuine tweets made by the EBRD and which had been made by its hacker, as one tweet from @EBRD asked for the account to be locked to stop the hacker and another claimed that it was the hacker who had posted the lockdown request. Only the hacker’s poor spelling and grammar gave the game away.

Cat mouse tweet from hacked EBRD account

Embarrassingly for the bank, the messages from the hacker continued to be posted even after @EBRD had posted an apology on its account.

Sign up to our free newsletter.
Security news, advice, and tips.

At the time of writing, it appears that the EBRD has regained control of its account and repelled its unwanted intruder.

It may, however, wish to take a careful look at its security – ensuring that passwords are not being reused, enabling two-factor authentication where possible, looking carefully at the security of third-party apps it may have connected to its account, and educating the staff about the dangers of phishing attacks.

From the childish appearance of this attack the hack appears to have been more the work of a mischief-maker rather than someone who was setting out to cause more malicious mayhem, but once a cybercriminal has wrestled control of your Twitter account from you it’s all too easy for it to be used to spread disinformation, scams, and malicious links to followers.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.