Student arrested for hacking Prime Minister’s Twitter account

Graham Cluley
Graham Cluley
@[email protected]

Wearing a baseball cap and sunglasses, Aekawit Thongdeeworakul appeared at a press conference in BangkokPolice in Thailand have arrested a university student who is said to have admitted hacking into the Prime Minister’s Twitter account and posting messages accusing her of incompetence.

22-year-old Aekawit Thongdeeworakul, a fourth year architecture student at Chulalongkorn University, could face up to two years in prison if found guilty of illegally accessing computer systems without authorisation.

Thailand’s Prime Minister, Yingluck Shinawatra, had her Twitter account hacked last weekend – and her followers saw a stream of messages criticising her leadership.

Yingluck Shinawatra's Twitter account

Sign up to our free newsletter.
Security news, advice, and tips.

The hacker’s final tweet read:

"If she can't even protect her own Twitter account, how can she protect the country?"

In bizarre scenes, Thongdeeworakul appeared before reporters at a hastily convened news conference in Bangkok, alongside ICT Minister Anudith Nakornthap.

The minister told members of the press that the alleged hacker believed his actions were innocent “as he didn’t realise it would be a big deal.”

According to the ICT minister, Thai Prime Minister Yingluck Shinawatra had her Gmail account hacked on September 30th by unknown people, and her password was disseminated across the computer underground.

From the sound of things, Ms Shinawatra was not following my advice on how to stop your Gmail account being hacked.

Thongdeeworakul is said to have subsequently used the information to gain access to the prime minister’s Twitter account. The IP address used to access the account ultimately lead investigators back to Thongdeeworakul.

The architecture student remained silent at the press conference, shrouded by a baseball cap and dark sunglasses.

Remember folks – just because you can access someone else’s email, Facebook or Twitter account without the owner’s persmission doesn’t ever mean it’s an acceptable thing to do. In fact, it’s breaking the law and could lead to you getting in a lot of trouble.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.