CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
January 5th, 2009

Tweeter Support Compromised By Hackers, 33 Accounts Hijacked And Temporarily Suspended

Hackers hijacked the Twitter accounts of more than 30 celebrities and organizations, including President-Elect Barack Obama, Britney Spears and Fox News, early on Monday, the company confirmed today.

Twitter co-founder Biz Stone said in post to the company blog that 33 Twitter accounts had been ‘hacked,’ including prominent Twitter-ers like Rick Sanchez and Barack Obama. Twitter immediately locked down the accounts and investigated the issue. Rick, Barack and others are now back in control of their accounts.

Earlier in the day, the hacked accounts had been used to send malicious messages, many of them offensive. CNN correspondent Rick Sanchez’s account, for example, tweeted a message claiming that “i am high on crack right now might not be coming to work today,” while Fox News’ Twitter update reported “Breaking: Bill O Riley [sic] is gay,” referring to the network’s conservative talk show host.

According to Twitter, the accounts were hijacked using the company’s own internal support tools. These accounts were compromised by an individual who hacked into some of the tools support team uses to help people do things like edit the e-mail address associated with their Twitter account when they can’t remember or get stuck.

Today’s admission was only the latest security problem for Twitter. On Saturday, identity thieves launched a phishing campaign on the micro-blogging service that tried to dupe users into divulging their account usernames and passwords.

On Sunday, criminals changed their tactics to use messages about Apple’s iPhone as scam bait, a security expert said Monday. Rather than tricking people into visiting a page spoofing Twitter’s sign-on screen, the second wave of tweets was essentially spam. The iPhone-related tweets were messages such as “hey. i won an iphone! come see how here” or ” Wanna win the new iPhone? It’s so easy and cool, I love this thing!” along with links to sites that ask for, among other things, the user’s cell phone number.

Twitter, however, said that the hacks of prominent users were unconnected to the first phishing campaign or the follow-up spam. According to Twitter, the phishing campaigns were unconnected to the impersonation of celebrities. While the goal of the former is to purloin login credentials, the aim of the latter appeared to be the embarrassment of the rich and famous. The exception was the hijacked account of Barack Obama, which directed followers to visit a website that attempted to steal personal information.

Share this item with others:

More on CyberInsecure:
  • Photobucket DNS Records Hijacked By A Hacking Group
  • Fox News Twitter Account Hijacked, Reports Obama’s Assassination
  • Savannah Free Software Collaborative Development Platform Hacked, Accounts Compromised Through SQL Injection
  • Twitter DNS Hijacked By ‘Iranian Cyber Army’, Inaccessible And Defaced For An Hour
  • Twitter Grader Service Hacked, Thousands Of Unauthorized Tweets Posted From User Accounts

    • Posted in Data Theft, Hacked, Privacy, Scams, Social Networks | Print This Post Print This Post

    This entry was posted on Monday, January 5th, 2009 at 8:20 pm and is filed under Data Theft, Hacked, Privacy, Scams, Social Networks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Tweeter Support Compromised By Hackers, 33 Accounts Hijacked And Temporarily Suspended

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »