Yourcybersafetyconnections March 24th,2025 vol# 212  

  • According to Konbriefing and from Mama Africa, hackers took over Ghanaian President John Mahama’s verified X account to promote crypto scam. 
  • The scam was targeted the president’s followers, Africans and investing public. 
  • We do not have information about why it happened. 
  • No hackers have claimed responsibility for the cyberattack. 
  • Here is how the President’s team mitigated any unintended loss from the account take over. 

What happened? 

Category:John Dramani Mahama 

According to Newsbit last weekend, hackers took control of Ghanaian President John Mahama’s verified X account. They used it for 48 hours to promote a fake cryptocurrency project.  

His spokesman confirmed this last Tuesday March 18th that the hacking began on Saturday March 15th and was noticed on Sunday March 16th when the account started posting messages about a project called Solanafrica.  

The hackers falsely claimed that Mahama was behind this project to enable free payments across Africa using the Solana blockchain. 

This is not the first case of its kind. In July 2023, hackers targeted South African opposition leader Julius Malema’s X account for a similar scheme. Earlier, in 2022, they misused Nigerian businessman Tony Elumelu’s account for fake crypto giveaways. 

Solana is gaining popularity in Africa because it has lower transaction fees than Bitcoin and Ethereum. Scammers exploit this by luring investors with false promises. 

Who was impacted? 

Ghana: 2008 photo 

The president, his followers and all other incidental persons. The hackers urged Mahama’s followers to invest in the project, claiming it was a revolutionary financial initiative. 

Why did it happen? 

While it is not explicitly stated, from all the information we have, the hack is aimed at scamming the public/Africans. 

Which cybercriminals were responsible for the hack? 

Hackers of Government Websites 

No cybercriminals have claimed responsibility for the attack. 

How did the president’s team mitigate unintended loss from the hack? 

OWASP Threat and Safeguard Matrix 

Although Mahama’s team removed the fake messages, the account continued to share cryptocurrency content, including hints about a new memecoin. 

The President’s spokesman Kwakye Ofosu assured the public that though the account was taken over, steps were taken to regain control of the X account. The public were advised to ignore any suspicious cryptocurrency messages from the president’s X account.  

 This incident highlights the rising concern about cryptocurrency fraud in Africa. Digital assets are becoming popular, but regulations are still catching up. Scammers often hijack verified accounts to promote fake investment opportunities.  

  • Experts call for stricter security. Cybersecurity experts warn that well-known figures need to strengthen their security measures to prevent such hacks.  
  • Abubakar Issaka from Ghana’s Centre for Cyberwatch and Data Protection advised that Two-factor authentication alone wasn’t enough anymore, and that there is need to monitor login activities, limit access to third-party apps, and have a specialized team watch for suspicious activities 24/7. 
  • Spokesman Ofosu stated that authorities have taken steps to prevent future misuse of Mahama’s account.  
  • The president thanked his team and X’s support team on Tuesday for their help in recovering his account. 

Upon asking Co-Pilot, here is what it said: 

Mitigating the impact of a high-profile social media hack, such as that of a president, requires swift and strategic action. Here are some key steps that could be taken: 

1. Immediate Response 

  • Regain Control: Collaborate with the platform’s security team to secure the account and reset login credentials. 
  • Monitor Activity: Review recent account activities to assess the scope of the breach. 

2. Communicate Transparently 

  • Public Statement: Issue a clear statement acknowledging the hack to prevent misinformation from spreading. 
  • Clarify False Content: Highlight any posts made by the attacker to ensure the public is informed. 

3. Investigate 

  • Trace the Source: Work with cybersecurity experts to identify the hacker and the method used. 
  • Evaluate Security: Perform a security audit to detect vulnerabilities. 

4. Limit Repercussions 

  • Manage Reputation: Engage with public relations specialists to counteract any harm to the president’s reputation. 
  • Control Misinformation: Actively flag or report false content circulating as a result of the hack. 

5. Enhance Security 

  • Implement 2-Factor Authentication (2FA): Ensure all social media accounts have additional layers of security. 
  • Educate Staff: Train the team managing the account on recognizing and preventing phishing and other attacks. 

Conclusion

There needs to be constant ongoing monitoring and high alert in the face of public figures account been taken over and used for scams to protect the (investing) public.