Hacker group OurMine has claimed it discovered a way to gain access to any account linked to the wildly popular world-building video game Minecraft. The group also seem to have hijacked the president of worldwide studios at Sony, Shuhei Yoshida’s Twitter account on 20 July.
The group’s latest exploits claim comes just days after the team allegedly launched a series of DDoS attacks to take down smash hit smartphone game Pokemon Go’s servers last weekend.
Tweeting to Yoshida’s more than 249,000 followers, the group wrote, “You have been hacked by OurMine Team. Visit our website to secure yourself.”
Pnning another tweet to the top of his account that reads, “Hey, its OurMine, we are testing your security.”
A member of the OurMine team told IBTimes UK that hijacking the Sony boss’ Twitter account was simple to carry out since he allegedly does not use two-step verification and that his password was supposedly an easy one – “playstation1.”
Yoshida is the latest victim in a long list of tech giants and celebrities’ social media accounts that have been compromised by the trio of self-proclaimed “white-hat” hackers.
They have also previously hijacked the social media accounts of Google CEO Sundar Pichai, Facebook CEO Mark Zuckerberg, and Twitter CEO Dick Costolo among others.
Demonstrating the alleged Minecraft hack in a video on 19 July, the OurMine team says they were able to break into Microsoft-owned Minecraft developer Mojang’s user login page.
Although the OurMine team refused to reveal how they found the exploit, they did say that it was relatively easy to carry out by stealing internet cookies from the Mojang website and using a victim’s email address to take over any account.
According to PC World, IDG News Service decided to put OurMine’s claims to the test by creating their own Mojang account and having the hacker group hijack it. The group was reportedly successful and managed to change the user profile name to “OurMine Team” as proof.
IBTimes UK also created a Mojang account and asked the group hack into it, but today they claim it could not be done as the glitch had already been patched. They also added that if a user had added security questions to their account, they would not have been able to access it.
Similar to their previous alleged exploits, the team urged Mojang staff to contact them for a fix for the issue in their post yesterday. However, a member of the OurMine team said that the developer had not contacted them.
Microsoft reportedly said they had already patched the issue later on Tuesday, ComputerWorld reports.
When asked about the group’s motivation behind its attacks on gaming industry networks, an OurMine member said there is no particular reason, saying they are currently targeting everything and everyone to educate people about existing cybersecurity flaws such as the use of weak passwords, not enough use of security questions and the risks that come with internet cookies. They also denied requesting money from their targets for their fixes as well.
“We don’t want other hackers to hack it and never give it back,” the OurMine member said.
Touting their versatile security services as an “elite hacker group” on their website, OurMine says they “have no bad intentions and only care about the security and privacy of your accounts as network.”