CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
February 12th, 2010

Twitter Grader Service Hacked, Thousands Of Unauthorized Tweets Posted From User Accounts

A popular Twitter service called Twitter Grader was hacked yesterday causing thousands of unauthorized tweets to be posted from the accounts of its users. Twitter Grader, which is normally available from grader.com along with other free grading applications, allows Twitter users to see how influential they are on the micro-blogging platform. The service is developed by an Internet marketing company called HubSpot.

The company’s founder and CTO, Dharmesh Shah, was completely taken by surprise yesterday when Twitter Grader users, including himself, started posting a strange message on their feeds. The unauthorized tweets contained a link to a 2006 video of Biz Stone promoting the micro-blogging platform.

Rik Ferguson, solutions architect at antivirus vendor Trend Micro, analyzed the message and concluded that, “The link that has been endlessly tweeted by grader users does not appear to host any malicious content.” The researcher also launched a possible explanation for the attack. “The domain name of the destination site [seonix.org] however might give us a clue to the motivation behind the attack. Seonix presumably refers to Search Engine Optimisation and perhaps that is the real purpose of this attack,” he wrote.

Access to the entire grader.com domain has been temporarily suspended until the issue is addressed and all applications are moved to more secure servers. The company also stresses that customers of its commercial services have not been affected, as these are hosted on a different infrastructure. Additionally, the usernames and passwords of Twitter users have not been compromised, because the Twitter Grader service used OAuth, a technology that doesn’t require login credentials.

The responses to the official blog post about the attack are overwhelmingly favorable, commending the company for its openness and seriousness in handling the incident. “Ladies and gents, is an object lesson in how to deal with an event like this. Much respect to HubSpot,” Rik Ferguson wrote, while an executive officer with a different company noted that, “How you handled it […] should be a lesson (case study?) for others.”

Credit: Softpedia.com News

Share this item with others:

More on CyberInsecure:
  • Tweeter Support Compromised By Hackers, 33 Accounts Hijacked And Temporarily Suspended
  • Twitter Micro-blogging Compromised Accounts Spread Koobface Worm
  • Spam From 750 Compromised Twitter Accounts Invited Users To Visit Porn Website
  • Twitter’s Administrator Panel Hacked (Again)
  • Fox News Twitter Account Hijacked, Reports Obama’s Assassination

    • Posted in Breaches And Incidents, Hacked, Social Networks, Vulnerabilities | Print This Post Print This Post

    This entry was posted on Friday, February 12th, 2010 at 7:23 pm and is filed under Breaches And Incidents, Hacked, Social Networks, Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Twitter Grader Service Hacked, Thousands Of Unauthorized Tweets Posted From User Accounts

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »