CNET también está disponible en español.

Ir a español

Don't show this again

Security

Marvel -- and several Avengers -- just got hacked on Twitter

Self-described white hat security group OurMine claims responsibility for hacking the official Twitter accounts of Marvel and some of its most popular characters, including Captain America and Tony Stark.

A message from the hacking group OurMine posted to Marvel's verified Twitter account.

CNET/Screenshot by Ry Crist

Sign of the times: even the Avengers are getting hacked.

At least, they are on Twitter. The self-described white hat security group OurMine is claiming responsibility for taking over the verified accounts of Marvel, The Avengers, Ant-Man, Captain America, Tony Stark and an unverified account for the Incredible Hulk. In each case, they posted at least one message describing the hack as a security test, complete with an email address for Marvel to contact "to help you with your security."

Hacking groups that describe themselves as "white hat" consider themselves the good guys who point out security flaws without taking advantage of them. Marvel didn't say whether or not they'd gotten in touch with OurMine, but a spokesperson told me, "We're investigating and taking immediate action to remedy the situation."

OurMine alerted me to the hack as it happened, and told me they were able to pull it off by hacking directly into the Marvel Twitter feed. From there, the accounts of the other Marvel properties involved in the hack were apparently linked via Tweetdeck, allowing OurMine access.

OurMine has a long track record of high-profile attacks, including a takeover of the Netflix US account just this morning. Previous targets have included Google CEO Sundar Pichai and Facebook CEO Mark Zuckerberg.

I asked OurMine if they had any other hacks planned for today. They told me that they weren't sure, "but 70% we have a hack tomorrow."

The Twitter accounts for characters Tony Stark, Captain America and Ant-Man were apparently linked to the main Marvel account via the Twitter client Tweetdeck. OurMine hacked those, too.

CNET/Screenshot by Ry Crist

Update:The NFL Network's Twitter account has now been hacked as well.