Welcome to WebmasterWorld Guest from 54.167.46.29

Forum Moderators: rogerd

Message Too Old, No Replies

Twitter Worm Leads to Hacked Accounts, Spam

     
11:28 pm on Sep 23, 2009 (gmt 0)

Administrator

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 2, 2000
posts:9685
votes: 0


A worm began spreading through Twitter earlier today, beginning with seemingly innocuous messages that read "rofl this you on here?" and a link that looked like a Twitter video site. Users who clicked the link were presented with what looked like an authentic Twitter login page.

The hackers who gathered login info in the "rofl-video" phase then launched a DM spam campaign inviting the recipients to learn how to make hundreds of dollars a day online. (No, I didn't click either link.)

In each case, the DMs came from a Twitter friend, making them more likely to be clicked on.

11:40 pm on Sept 23, 2009 (gmt 0)

Preferred Member

5+ Year Member

joined:Sept 23, 2008
posts:439
votes: 0


cannot find this on official twitter blog posts, except couple of news grabbers ?
[blog.twitter.com...]
11:50 pm on Sept 23, 2009 (gmt 0)

Administrator from US 

WebmasterWorld Administrator incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 25, 2005
posts:14624
votes: 88


Twitter has had so many security breaches I'm shocked anyone still uses the thing.

Oh well, people still use that swiss cheese called Word Press too, what the heck.

11:55 pm on Sept 23, 2009 (gmt 0)

Preferred Member

5+ Year Member

joined:Sept 23, 2008
posts:439
votes: 0


But why everyone really follows twitter ?
[webmasterworld.com...]
1:02 am on Sept 24, 2009 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member ogletree is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Apr 14, 2003
posts:4249
votes: 16


I had 1 friend send me the rofl DM and 2 people sent me the make money DM. I clicked on the first link but noticed that it was a phishing attempt. I went and changed my pw.
1:12 am on Sept 24, 2009 (gmt 0)

Moderator from US 

WebmasterWorld Administrator martinibuster is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 13, 2002
posts:13973
votes: 123


There's an email being sent with a related URL. The domain is regged in china.
8:30 am on Sept 24, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member sem4u is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Dec 18, 2002
posts:3061
votes: 0


I received a Twitter spam DM message about a money making site. The domain was registered privately. I did click on the link, but not through my Twitter account.
2:13 pm on Sept 24, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 13, 2005
posts:1077
votes: 0


I don't use twitter, but it sounds like this wasn't security related. Although the application should notice all those accounts being accessed from the same place and block access, but users openly gave out their username/passwords.
2:56 pm on Sept 24, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member whoisgregg is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Dec 9, 2003
posts:3416
votes: 0


I'm amazed how many internet professionals were hit by this thing. Could this come from an account without the account holder having fallen for the phishing attempt?
4:57 pm on Sept 24, 2009 (gmt 0)

Administrator

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 2, 2000
posts:9685
votes: 0


One Twitter pal swore she did not fall for the phishing scam, but nevertheless had her account hacked. Was there some other hack at work, in addition to the obvious one? Maybe.

I think it's likely that some pros fell for the fake login screen because of Twitter's normal tendency to forget your login. Even though I always check "remember me" when I'm on a personal PC, I am often confronted by unexpected Twitter login screens. If you are multitasking and not paying close attention, it would be easy to mistake the bogus login screen for another Twitter fail.

5:00 pm on Sept 24, 2009 (gmt 0)

Full Member

10+ Year Member

joined:Jan 3, 2004
posts:333
votes: 0


I think that this kind of attack shows one of the main security 'weaknesses' of any social network:
The inhenrent trust that the individuals who participate have in the system.

Requests apparently coming from friends, etc. They don't treat them with the same caution they do with emails, etc. Only one member the social network needs to fall and many may follow...

7:20 pm on Sept 24, 2009 (gmt 0)

Full Member

10+ Year Member

joined:Apr 28, 2005
posts:221
votes: 0


I took a decision few days ago to block all traffic from the Chinese mainland and Hong Kong to few of our servers, proxy or direct. It was a difficult decision, but I found 90% of spam hitting dozens of large sites coming from that part of the world. I know that the majority of surfers from that great land and civilization are harmless, and only a minority of well seasoned spammers spoil the fun for the Chinese majority, but it had to be done until a better solution can be found.

What happened to Twitter is the price of fame you might say and they should have the financial clout to implement better security rather than do what I had done, none of our sites is as big or worth as much as Twitter. We may have some technical expertise, but we lack the expensive networking infrastructure needed, but they don't or at least they can afford it!

10:56 am on Sept 25, 2009 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 12, 2003
posts:772
votes: 0


they should have the financial clout to implement better security

They do, but not the technical talent.