In a cautionary tale for the festive season, unorthodox security guru John McAfee claims to have had his Twitter account hacked.
The account sent out a number of 'coin of the day' Tweets on December 27th encouraging followers to buy some lesser known crypto currencies. Nothing especially strange in that as McAfee has himself sent this type of message in the past.
However, the messages were swiftly followed by a tweet from McAfee saying the account had been hacked and the messages were fake.
The coin of the day messages were then deleted. McAfee claims his mobile phone was compromised, allowing a hacker to intercept a 2FA code and access his account. However, he was quick to send another tweet blaming Twitter, "Though I am a security expert, I have no control over Twitter's security. I have haters. I am a target. People make fake accounts, fake screenshots, fake claims. I am a target for hackers who lost money and blame me. Please take responsibility for yourselves. Adults only please."
He then seems to have responded to the hack by disabling 2FA on his social media accounts, which seems like a weird decision. Especially since Twitter has only recently upgraded its 2FA to allow the use of third-party authentication programs.
In reply to a later tweet McAfee called some of his followers 'slow witted' for believing the fake messages. "The fake account creators create them faster than Twitter and other platforms can remove them. My slower witted followers actually believe the tweets and DMs from these accounts are actually me so it does cause me some problems."
Yesterday a further tweet from McAfee offered some helpful advice on how to spot fakes masquerading as him.
The mobile phone aspect of this must be rather embarrassing, since McAfee is currently working on plans to sell the Privacy Phone -- claimed to be the world’s most hack proof smartphone. Or could this be a way of showing how much the product is needed?
All in all, yet another strange episode from the colorful character that is John McAfee.