Welcome to WebmasterWorld Guest from 54.204.162.36

Forum Moderators: rogerd

Twitter Worm Leads to Hacked Accounts, Spam

   
11:28 pm on Sep 23, 2009 (gmt 0)

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member



A worm began spreading through Twitter earlier today, beginning with seemingly innocuous messages that read "rofl this you on here?" and a link that looked like a Twitter video site. Users who clicked the link were presented with what looked like an authentic Twitter login page.

The hackers who gathered login info in the "rofl-video" phase then launched a DM spam campaign inviting the recipients to learn how to make hundreds of dollars a day online. (No, I didn't click either link.)

In each case, the DMs came from a Twitter friend, making them more likely to be clicked on.

11:40 pm on Sep 23, 2009 (gmt 0)

5+ Year Member



cannot find this on official twitter blog posts, except couple of news grabbers ?
[blog.twitter.com...]
11:50 pm on Sep 23, 2009 (gmt 0)

WebmasterWorld Administrator incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Twitter has had so many security breaches I'm shocked anyone still uses the thing.

Oh well, people still use that swiss cheese called Word Press too, what the heck.

11:55 pm on Sep 23, 2009 (gmt 0)

5+ Year Member



But why everyone really follows twitter ?
[webmasterworld.com...]
1:02 am on Sep 24, 2009 (gmt 0)

WebmasterWorld Senior Member ogletree is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I had 1 friend send me the rofl DM and 2 people sent me the make money DM. I clicked on the first link but noticed that it was a phishing attempt. I went and changed my pw.
1:12 am on Sep 24, 2009 (gmt 0)

WebmasterWorld Administrator martinibuster is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



There's an email being sent with a related URL. The domain is regged in china.
8:30 am on Sep 24, 2009 (gmt 0)

WebmasterWorld Senior Member sem4u is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I received a Twitter spam DM message about a money making site. The domain was registered privately. I did click on the link, but not through my Twitter account.
2:13 pm on Sep 24, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I don't use twitter, but it sounds like this wasn't security related. Although the application should notice all those accounts being accessed from the same place and block access, but users openly gave out their username/passwords.
2:56 pm on Sep 24, 2009 (gmt 0)

WebmasterWorld Senior Member whoisgregg is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I'm amazed how many internet professionals were hit by this thing. Could this come from an account without the account holder having fallen for the phishing attempt?
4:57 pm on Sep 24, 2009 (gmt 0)

WebmasterWorld Administrator rogerd is a WebmasterWorld Top Contributor of All Time 10+ Year Member



One Twitter pal swore she did not fall for the phishing scam, but nevertheless had her account hacked. Was there some other hack at work, in addition to the obvious one? Maybe.

I think it's likely that some pros fell for the fake login screen because of Twitter's normal tendency to forget your login. Even though I always check "remember me" when I'm on a personal PC, I am often confronted by unexpected Twitter login screens. If you are multitasking and not paying close attention, it would be easy to mistake the bogus login screen for another Twitter fail.

5:00 pm on Sep 24, 2009 (gmt 0)

10+ Year Member



I think that this kind of attack shows one of the main security 'weaknesses' of any social network:
The inhenrent trust that the individuals who participate have in the system.

Requests apparently coming from friends, etc. They don't treat them with the same caution they do with emails, etc. Only one member the social network needs to fall and many may follow...

7:20 pm on Sep 24, 2009 (gmt 0)

10+ Year Member



I took a decision few days ago to block all traffic from the Chinese mainland and Hong Kong to few of our servers, proxy or direct. It was a difficult decision, but I found 90% of spam hitting dozens of large sites coming from that part of the world. I know that the majority of surfers from that great land and civilization are harmless, and only a minority of well seasoned spammers spoil the fun for the Chinese majority, but it had to be done until a better solution can be found.

What happened to Twitter is the price of fame you might say and they should have the financial clout to implement better security rather than do what I had done, none of our sites is as big or worth as much as Twitter. We may have some technical expertise, but we lack the expensive networking infrastructure needed, but they don't or at least they can afford it!

10:56 am on Sep 25, 2009 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



they should have the financial clout to implement better security

They do, but not the technical talent.

 

Featured Threads

My Threads

Hot Threads This Week

Hot Threads This Month