Ike's Online Scraptacular
Mar 6 / 9:15pm

MAJOR Twitter Botnet underway

UPDATE 6: I'm checking with the people I know to find out the nature of the passwords they used. Might be a phishing scam responsible, although this one shows a lot of patience, with one of the victims dormant on Twitter for more than two months prior to the attack.

Either way, might want to change your password, and use something "strong." 

UPDATE 5:  Mashable is on it

UPDATE 4:  Valeria Maltoni (@conversationage) makes a great point about password security, picking strong passwords and changing them often. However, as these affected Tweets are coming through the API, we really don't know if this was a breach caused by a typical "malware" attack or if perhaps a third-party application has been hacked. Many Twitter accounts are linked to services that have been given permissions to post. A hacker taking over one of those could gain control of an account that never clicks links and has strong passwords.

As if you needed more things to keep you up at night.

Also sent to TechCrunch. Maybe some of their people can dig out more about what is happening than I can do from here.

UPDATE 3:  Dug further back into the timeline. I was first alerted when my three friends shared a similar message about an hour earlier, with the same link. I searched that phrase, and found 198 identical messages.

That leads me to believe that the number of affected accounts is likely much higher. While there is much overlap on the lists, there is also at least one account (@edfryer) who sent another hacked Tweet back on March 1st:

Remember that diet I tried, it works!  http:// tinyurl.com/ yb8l5on

I disabled the link, to prevent accidental clicks. It leads to a http://  testproductsfree  .  com  /  1111.php, which I will assume was the first of three known waves of this link spamming.

Of other interest is the fact that, prior to that March 1 Tweet, @edfryer's most recent public activity was this message on December 20. That does not bode well for the chance that this is a strictly recent phenomenon, and that only 200 accounts are hacked.

No offense, Ed.

UPDATE 2:  Sent info to Mashable, along with a cut-and-paste of the Twitter Search showing the identical message, sent within a five-minute window, from the affected accounts.

UPDATE:  So far, using Twitter Search and the phrase that's repeated, I count 202 hacked accounts.

At least three of my Twitter tribe have been affected.

They are sending automated tweets through the API, touting a tinyurl claiming weight loss success.

With the preview enabled, I was able to see that the link goes to a http://  testproductsfree  .  com  /  3333.php

Link butchered by me, to prevent others from clicking and presumably being sucked in.

Watch where you click, people.

(and here's a short url for the same page, to Tweet:  http://ike4.me/twhack )
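The signals described in the updates above (one identical message posted through the API by many accounts within a five-minute window, some of them long dormant) can be checked mechanically over a set of collected posts. The following is an added example, not part of the original post; the record layout, account names, timestamps, `short.example` links and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

URL_RE = re.compile(r"https?://\S+")

def normalize(text):
    """Reduce a post to its template: URLs become a token, case and spacing are ignored."""
    return " ".join(URL_RE.sub("<url>", text).lower().split())

def find_bursts(posts, window=timedelta(minutes=5), min_accounts=3,
                dormant_after=timedelta(days=30)):
    """Flag templates posted by >= min_accounts distinct accounts inside one window."""
    by_template = defaultdict(list)
    for p in posts:
        by_template[normalize(p["text"])].append(p)
    bursts = []
    for template, group in by_template.items():
        group.sort(key=lambda p: p["time"])
        best, start = [], 0
        for end in range(len(group)):  # sliding window over time-sorted posts
            while group[end]["time"] - group[start]["time"] > window:
                start += 1
            win = group[start:end + 1]
            if len({p["account"] for p in win}) > len({p["account"] for p in best}):
                best = win
        accounts = sorted({p["account"] for p in best})
        if len(accounts) >= min_accounts:
            bursts.append({"template": template, "accounts": accounts,
                "all_via_api": all(p["source"] == "api" for p in best),
                "dormant": sorted({p["account"] for p in best  # silent before the burst
                                   if p["time"] - p["prev_time"] >= dormant_after})})
    return bursts

T0 = datetime(2024, 3, 6, 20, 0)  # constructed timestamp
MSG = "Remember that diet I tried, it works!"
def _post(account, minute, text, source, idle_days):
    t = T0 + timedelta(minutes=minute)
    return {"account": account, "time": t, "text": text, "source": source,
            "prev_time": t - timedelta(days=idle_days)}

SAMPLE = [  # constructed records; accounts and links are placeholders
    _post("acct_a", 0, MSG + " http://short.example/x1", "api", 76),
    _post("acct_b", 2, MSG + "  http://short.example/x1", "api", 1),
    _post("acct_c", 4, MSG.lower() + " http://short.example/x2", "api", 3),
    _post("acct_d", 3, "Lunch was great today", "web", 1),
    _post("acct_e", 90, MSG + " http://short.example/x1", "web", 2),
]
if __name__ == "__main__":
    print(find_bursts(SAMPLE))
```

Replacing every URL with a token before grouping means a wave that rotates its short links still collapses into one template.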
