A group of hackers going by the name ‘Legion’ have penetrated the emails and Twitter accounts of a number of high-profile Indian targets. Over the course of the last week, Rahul Ghandi (an Indian politician, who serves as the Vice-President of the Indian National Congress party), Ravish Kumar (an Indian TV anchor, writer, and journalist who covers political stories) and Barkha Dutt (another Indian journalist) all had their Twitter accounts penetrated.
It didn’t end there. On Friday, Legion continued its cyber-campaign by hacking the Twitter account of the famous Indian entrepreneur Vijay Mallya.
Soon after they penetrated the account, Legion started tweeting in his name. The first couple of tweets mentioned the journalists targetted earlier in the week. Next, Legion tweeted to Rahul Roushan, a well-known political satirist from India who often covers stories about corruption. In that tweet, Legion claimed to have penetrated and stolen data from Congress, which they claim they will make available to the political writer in the new year:
“@rahulroushan. When we finish sifting through them. Congress was sniffed for about 4 months carefully. Expect it on new year.”
Digital Ping Pong
Following the tweets on Mallya’s account, the liquor magnate appeared to brush Legion’s tweets aside by issuing his own tweet that said “My account has been hacked by some one called Legion who are Tweeting now in my name. Simply ignore. Will fix this.”
Why he didn’t change his password at that point is anyone’s guess, but Legion then went on to tweet that they had the business personality’s bank credentials:
“Hello. We are back with – Vijay Mallya’s assets at several banks. All known passwords of Mr. Mallya.”
The hilarious (and somewhat schizophrenic) Twitter account tussle was then back in Legion’s court, who tweeted a link to a number of important documents. Those included a scan of his passport and various email conversations. “The bank accounts, assets, passports, offshore investments of Mallya can be found at – https://t.co/4PClILJG4n,” read the tweet.
The name Legion seems to be a take-off of Anonymous’ famous catch phrase ‘we are legion.’ The hackers do appear to believe they are acting in the same sort of vein as their more famous counterpart. However, no evidence has emerged to link the two groups together in any legitimate way.
Legion, however, does appear to be working from a similar moral standpoint to that of Anonymous, whose primary aim is to disclose corporate and political corruption that has a negative effect on society as a whole to the general public.
During the hacks, Legion made various attempts to appeal to the public. The hackers said they were attempting to bring criminal activities to light and that they had evidence to suggest that Mallya is a “fraudster” and a “conman.”
As of yet, however, it is unclear what that evidence may be. Despite all the wild allegations and claims from Legion, so far no real evidence appears to have been released. This has led to a backlash from tweeters, who have largely been amused by the hack. One had the following to say:
Another, clearly unimpressed by the hackers so far, tweeted:
Legion has claimed that damning information about Mallya’s bank accounts and foreign assets will be published but, without any real proof, we are left wondering if this Legion outfit is legit, or whether it is just some script kiddies having some fun.
Attack Vector Unknown
At the moment it is unknown exactly how Legion gained entry into Mallya’s Twitter account. It is also unclear why he didn’t attempt to shut them out before he himself tweeted his few responses on the same account. For whatever reason, however, he didn’t, and the onslaught of tweets from Legion kept on coming. One said “Classic cars AT HIS MANSION AT LADYWALK! A partial list of them! Not all!” That particular tweet made me chuckle, and left me feeling like I was covering an episode of Top Gear rather than a serious hack.
Email Accounts Penetrated
In the case of the journalists Barkha Dutt and Ravish Kumar, it is believed that Legion gained access to their Twitters by first penetrating the emails from which the accounts were set up. This is suspected because following Legion’s hack of Dutt’s account a ‘partial’ database of his emails – containing 1.2 GB of data – was linked to from his Twitter.
NDTV, for whom both the journalists work, made the following statement:
“Email, Twitter accounts of senior NDTV journalists have been hacked. Attempts are being made to use emails out of context. We are asking relevant authorities, including courts, to take strong action.”
Legion responded to the statement by saying,
“We use Twitter as a means to reach the public. We don’t just hack twitter accounts. Go through the data and find out. Signed, Legion.”
“If we go to jail or die, at least we did it with a bang. If any one of us get arrested, over 1TB of confidential data will be leaked.”
All in all, it is hard to tell if Legion has anything worthy up its sleeve. For now, the hackers haven’t really provided any information that is damning. Only time will tell.