Twitter Account Hacked? Even Security Companies Have Trouble Getting Back In

pcmag.com:

The regular reports from antivirus testing companies around the world are extremely helpful when I’m evaluating a new or updated antivirus program. I know all the players, so receiving an email from a lab’s executive team is no surprise, but the request in one such recent email was unusual. Andreas Marx, CEO and co-founder of AV-Test Institute(Opens in a new window), wanted to know if I had any inside contacts at Twitter. It turned out that AV-Test Institute's main Twitter handle, @avtestorg(Opens in a new window), had been hacked, and his attempts to get help from Twitter were going unanswered.

How could this happen in a company with more than 15 years of experience in the security industry? Speaking with Marx and with Maik Morgenstern, technical director of AV-Test and its other CEO, I learned that even when you do everything right, you can still get hacked. As of this writing, the AV-Test account is still posting and retweeting random NFT spam, rather than providing support for AV-Test’s business and its customers.

Neil J. Rubenking: How did you first learn the account was hacked?Andreas Marx: I got a WhatsApp message from a well-known security researcher, just about 10 minutes after the account was hacked on July 25, with screenshots of the compromised Twitter account. Shortly thereafter, we got further notifications from other parties.

What was your first reaction to the hack?Well, I tried to log in to my mobile device with the Twitter account, but the @avtestorg account was no longer accessible. I tried to check the account on my PC, but I was not able to log in and just saw the compromised Twitter account there, too. (Twitter actually asked me to create a new account!)

In my email Inbox, I saw three mails from