Skip to main content

OurMine just hacked Variety, sending subscribers dozens of messages

Hacker
Image used with permission by copyright holder
OurMine has struck again, and this time, its victim had victims, too. Variety became the latest subject of the security group’s hacking efforts, and as a result, the publication’s subscribers found their inboxes flooded with dozens of copies of identical messages. Because there’s nothing like starting your long weekend with spam, right?

Lovely. Looks like @Variety was hacked and now they are sending tons of emails over and over… pic.twitter.com/5dJ43Z2ZuV

— Gerry (@GerryDales) September 3, 2016

The entertainment news outlet is just the latest target in a string of incidents carried out by OurMine. The group also took credit for attacks on Pokémon Go servers back in July, and these hackers are known for taking over the social media accounts of famous tech executives. Google CEO Sundar Pichai’s Quora account and Twitter CEO Jack Dorsey’s Twitter account have also been compromised by OurMine. Even Mark Zuckerberg has been victimized.

In this latest attack, OurMine gained access to Variety’s email lists, and sent a message to readers saying that they were simply “testing your security.” The email, which was sent multiple times to subscribers, read “Hello Variety, it’s #OurMine, don’t worry we are just testing your security, please contact us on ourmine.org -> Contact to show you how…” OutMine trailed off, whereupon viewers were asked to “watch a video” link for more information. That video has been removed.

For its part, Variety has since addressed the issue, and released a statement of its own. “You may have received one or more emails from Variety with the subject line #Ourmine. Variety did not send those emails; please ignore and delete them,” the publication wrote. “We are working diligently to contain the matter and will update you when the issues have been resolved.”

Variety also noted, “In contrast to many other hackers, OurMine doesn’t typically attempt to shut down websites or abscond with data; the anonymous group positions itself as cybersecurity outfit that raises awareness for its services by hacking into prominent people and brands.”

The entertainment site also divulged that an “internal investigation into the matter is focused on the possibility that the password of an employee linked to the Variety content management system was likely compromised. No Variety subscribers’ personal information was accessed.”

Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more