Testing times for AV-Test as Twitter account hijacked by NFT spammers

Normally the official English-language Twitter account of anti-virus testing organisation AV-Test looks like this:

Av test normal

It does not normally look like this:

Av test not normal

An unauthorised party has seized control of the @avtestorg Twitter account, nuked its profile picture and banner, replaced its name and description with a full-stop, and set about retweeting numerous messages about NFTs. Specifically a collection of multi-coloured NFTs called Doodles.

Sign up to our free newsletter.
Security news, advice, and tips.

This isn’t the normal behaviour of the German-based security testing service. And sure enough, it confirmed late last night that @avtestorg had been hacked, and that it not longer had any access.

Over 12 hours have passed, and Twitter does not appear to have given AV-Test its account back. The unauthorised retweets and defacement of the @avtestorg account are still visible for anybody to see.

AV-Test informs me that the account was protected by a secure password and two-factor authentication (which I would expect, as AV-Test knows what it’s talking about when it comes to security.) It has not at the time of writing received any response from Twitter, but has filed a police report about the incident.

We’re seeing more and more verified Twitter accounts compromised to spread NFT nonsense. Earlier this month, for instance, the official account of the British Army suffered a similar fate.

So, how on earth has this happened? Has there been a security lapse at AV-Test or does the problem somehow lie at Twitter’s door?

We shouldn’t be too quick to blame instantly the owner of a Twitter account after a hack.

After all, just two years ago accounts owned by scores of politicians, celebrities, and large organisations suddenly started tweeting cryptocurrency-related messages to their many millions of followers, after Twitter didn’t do a good enough job of keeping internal tools out of the reach of hackers.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

One comment on “Testing times for AV-Test as Twitter account hijacked by NFT spammers”

  1. Mark Jacobs

    A secure password and 2FA should make it impossible to hack. Some insider at Twitter is being bought to grant hackers access to key accounts.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.