Elon Musk has been dealt a triple hacking blow as the front page of his Tesla Motors website was taken over and defaced and both his personal and company Twitter accounts were pwned.
The attacks occurred over the weekend and targeted the man who has been linked in Hollywood gossip as the model for Tony Stark, the genius engineer in the Iron Man movies.
The BitDefender blog has an excellent commentary on the hacks outlining how the hackers were able to take control after Tesla had its DNS hacked and MX (mail) and other records amended. It's not clear how they were able to do this, although the speculation is that it must have involved social engineering.
Having taken control of the mail, the group was able to reset the Tesla Motors company Twitter password.
The Twitter account was hacked by a group calling itself AutismSquad who changed the name of the account to #RIPPRGANG. They also started tweeting an offer for free Tesla electric cars, using the phone number for a computer repair shop in Illinois.
The Twitter account takeover is very much in the vein of attacks on other Twitter accounts. The attacks make significant noise and attract much attention but have very limited consequences apart from the quiet tut-tutting of armchair security experts muttering, “You should have used a stronger password”.
On a more serious note, the repeated hacking of celebrity accounts on Twitter underscores weaknesses in security at the microblogging website.
The Tesla website and Twitter account have been restored to normal service and the malicious tweets deleted, and Musk's personal Twitter account has also been returned to his control.