Security

‘OurMine’ Hackers Identified and Charged With Fraud and Conspiracy Counts

By Bill Toulas / October 1, 2020

Back in February, a few hackers calling themselves ‘OurMine’ were shaming large social media companies for having inadequate security systems and failing to protect the accounts of their users. They were even urging users to contact them at their email address to learn how to better secure themselves. Now, two men who belong to the ‘OurMine’ group are facing charges of computer fraud and conspiracy, which incur punishments of up to 20 years of imprisonment and $250,000 in fines.

The announcement of the U.S. Department of Justice identifies the two hackers as Trevontae Washington, 21, of Thibodaux, Louisiana, and Ronnie Magrehbi, 20, of Orlando, Florida. Previously, we thought that the group was of Saudi descent, but it appears that this isn’t the case after all. The two have been linked with NFL and NBA player hacks and various schemes that occurred between December 2017 and April 2019. The investigation has produced juicy details on how exactly the hacks happened, with phishing being the method that steals the spotlight.

Source: Bleeping Computer

More specifically, the hackers messaged their targets on Instagram, embedding links on their messages that pointed to convincingly-crafted phishing pages. The victims were tricked into thinking they have landed on a legitimate social media login page and entered their credentials. The actors immediately locked the account owners out by resetting the passwords, posted embarrassing stuff on their walls, or sold these accounts for $500 or $1,000 to others.

OurMine didn’t only cause trouble to professional athletes but also to firms like the BBC, New York Times, Netflix, Sony Music Global, and National Geographic. The event that secured them their ticket to the “notoriety train” back in 2016, though, was a hack against Mark Zuckerberg’s accounts on Twitter, Instagram, and Pinterest.

Nevertheless, all of that is far behind now, as T. Washington and R. Magrehbi are preparing their defense case in front of the Magistrate Judges of the courts of the Eastern District of Louisiana, and the Middle District of Florida, respectively. Jailing them won’t eliminate account take-over dangers, of course, so social media users are still advised to set up their 2FA, use a strong and unique password, and avoid connecting to their accounts for public computers.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: