These days, no one is safe from hacking — not even Marvel superheroes.
A group of Marvel and Netflix Twitter accounts were hacked Wednesday by OurMine, a hacker group that says it targets high-profile social media accounts to advertise its security services.
OurMine hacked into the accounts of both studios — including Marvel's superhero franchise accounts such as The Avengers, Captain America and Ant-Man — and used them to tweet promotional messages.
All the tweets had the same message: "Hey, it's OurMine, Don't worry we are just testing your security," along with contact information for the group.
OurMine, which calls itself an "elite hacker group" on its website, appears to offer protective Web services. The website states that services include social media account protection for $30, while website or corporate network protection comes with a price tag of $1,000 to $5,000.
TechCrunch reported earlier this year that the group is made up of three teenagers, whom the tech news site did not identify. OurMine's high-profile victim list includes the social media accounts for Facebook chief executive Mark Zuckerberg, Google chief executive Sundar Pichai and actor Channing Tatum.
"We don't need money, but we are selling security services because there is a lot (of) people (who) want to check their security," an anonymous OurMine member told Wired, according to a story the tech news site published earlier this year. "We are not blackhat hackers, we are just a security group … we are just trying to tell people that nobody is safe."
The hacked tweets on the Netflix and Marvel accounts were deleted later Wednesday. "We're investigating and taking immediate action to remedy the situation," a Marvel spokesman said in a statement.
To protect against social media account hacks, experts recommend enabling two-factor authentication on sites like Twitter or Facebook. This forces anyone who tries to log into an account to provide a passcode typically texted to the phone of the owner. Account holders should also create strong passwords by using a random mix of letters and numbers to prevent hacking, and they should not reuse passwords from other accounts.