Welcome to WebmasterWorld Guest from 54.237.251.98

Forum Moderators: not2easy & rumbas

Message Too Old, No Replies

LulzSec Reborn Leaks 10,000 Twitter User Passwords After Using TweetGif Application

     
3:53 pm on Jun 12, 2012 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:23279
votes: 360


LulzSec Reborn Leaks 10,000 Twitter User Passwords After Using TweetGif Application [securitywatch.pcmag.com]
LulzSec Reborn, the so-called redux of disbanded hacker group LulzSec, leaked around 10,000 Twitter usernames and passwords of members who used TweetGif, an animated Gif-sharing application.

The file contained an unusually detailed trove of information on each member: usernames, passwords, real names, locations, bios, avatars, secret tokens used to authenticate TweetGif to pull Twitter data, and even their last tweet. The hackers' motivations are unclear at this point; an announcement posted on Pastebin merely linked to a destination for people to download the .SQL file.
4:47 am on June 13, 2012 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts: 14851
votes: 101


An update from Twitter:
"We can confirm that all Twitter account passwords have remained secure, and no breach of our systems has occurred in connection with the events experienced by TweetGif. Regarding how TweetGif was compromised, we can't speak on their behalf.
Since this application used OAuth, no user passwords were exposed;


If this was an OAuth-using app then the passwords shouldn't have been disclosed. A lot of the other information gathered is spooky though. It amkes me think twice about approving apps these days.
7:51 am on June 13, 2012 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:23279
votes: 360


It amkes me think twice about approving apps these days.


That's the same route i've taken, too. It's too easy to approve an app, but, really, I ask myself, do I really need it.
1:34 am on June 29, 2012 (gmt 0)

New User

joined:May 28, 2012
posts:8
votes: 0


people are so used to allowing apps access to all kinds of data that they become desensitized.