“Okay Brothers we’re back. #legion. Support our cause to expose the rats in our system,” the Legion recently tweeted. A group of hackers who have named themselves The Legion have been causing havoc on Twitter. These hackers are not interested in the small fry for they have bigger fish to deal with as seen in the past, which has included the hacking of Twitter accounts of Rahul Gandhi, Barkha Dutt, and Vijay Mallya, and more recently, Ravish Kumar.
They are active on Twitter and are threatening everyone in India who they believe is corrupt. The hackers, in fact for all you know it may just be a single hacker, have described themselves as potheads who love smoking marijuana, listening to Brian Eno, Aphex Twin and Global Communication, with the end goal of dying of an overdose of LSD. Imagine the scenario of a dark, gloomy room filled with state-of-the-art hacking system(s), and a hacker smoking pot, looking at all the data he has and literally playing the game “Eenie, Meenie, Minie, Moe” to select the next person whose account he is going to hack!
But for all you know, this picture painted may be far from reality. This group, or the person, may be geeky teetotallers, polished, living well, with state-of-the-art hacking equipment in a lavish apartment.
How did it all Begin?
The group Legion claims that they came into possession of data when they ended up with access to over 40k+ servers in India. They decided to write a tool to sift through the data which they are now using to malign the image of public figures. This group has access to servers like that of India’s biggest private hospital chain, Apollo. In fact, when asked if they would be able to hack in to the Prime Minister’s Twitter account, they answered with a simple ‘Yes’!
The Harm Till Now
• On November 30, 2016, Rahul Gandhi, Vice-President of the Indian National Congress party, started tweeting a series of obscene posts to his 1.2 million followers.
• The half-a-dozen tweets posted in the next 40 minutes were demeaning and aimed at insulting Rahul Gandhi himself.
• Shortly afterwards, a spokesperson for the Congress party confirmed that Gandhi’s account had been hacked.
• Hackers had also changed Rahul Gandhi’s bio on Twitter to “Retarded Gandhi.”
• The hacker group, calling itself ‘Legion’, took responsibility for the hack, though it didn’t disclose the motive behind it.
• The official account of the Congress Party, @IncIndia also suffered a security breach. On November 30, the account tweeted, “For every retard out there who thinks we have a political agenda — No, we don’t.”
• Things went quiet for a week. But it was just a calm before another storm and on December 9, the Legion struck again and this time the Business Tycoon Vijay Mallya was on the receiving end. Damaging tweets revealing credentials of several of his e-mail accounts, were live for the world to see for more than nine hours. “Legion will find you, hack you, expose you,” the hacker group wrote in one of the tweets.
• The same day the Twitter accounts of Barkha Dutt and Ravish Kumar, two prominent journalists with NDTV news channel were also hacked with the Legion releasing a “partial dump” of 1.2GB of their personal e-mails.
• It is crystal clear that the Legion is after the top public figures in India. And apart from Twitter, this hacker group is also able to hack into e-mail accounts.
Interview with Washington Post
Speaking through encrypted instant-messaging software, one of the hackers told The Washington Post about Legion’s motives and plans for future hacks.
• The group is already in possession of “several terabytes of raw data concerning all sorts of ‘interests'” relating to several Indian public figures, it told the Washington Post, and the group says it will release personal data of several individuals over the coming days.
• The group does not have clear objective at the moment and is just connecting dots without knowing what the final picture will look like.
• Legion says it is just getting started and India’s public figures should be worried.
• On Saturday, hacking into NDTV Twitter account, the Legion announced that their next target would be Lalit Modi.
• However, they have further mentioned that individual targets were just appetizers before they went in for the real kill.
• The hacker said that progressive house music was his real passion and that the hacks barely provided him with an adrenaline kick.
• He said he particularly disliked spending time in India’s capital, New Delhi, and suggested that he might try to go to Russia — to do some more drugs.
The Public figures of India need to watch their step. No one knows whose account the Legion is going to hack next. However, the Legion has brought to the forefront the serious security flaws in our system. The hacking is also projecting the shortcomings in the steps that prominent people take to protect their accounts. The Legion is cherry picking compromised data dumps of prominent personalities, data which has been languishing in the back alleys of the dark web, and thus bringing to the forefront the weakest links in the security chain.