RSSTwitter twormented by phishers
By Angela Gunn | Published January 5, 2009, 6:47 AM
A phisher or phishers operating over the holiday weekend deluged Twitter users with direct messages luring the unwary to a page designed to steal their sign-in information.
Twitter's official status blog announced the problem Saturday afternoon, but regular users were reporting a welter of suspicious messages throughout the weekend.
The phishers appear to have gained access to one or more accounts with known or guessable passwords. They used those accounts to send direct messages to other users; those DMs included a URL that looked vaguely like one for Twitter, and requests the user's login information. The URL, bloggertwit.access-logins.com, was registered on December 16 to a Zhang Xiaohu in the Hunan province of China, via Xin Net Technology Corp. of Beijing.
Whoever's doing this, they're mighty busy. "Problogger," a.k.a. Darren Rowse, has around 8,847 people he follows on the service and 26,186 followers. He tweeted early Monday morning that he'd counted 50-60 phishing DMs so far in the attack. (Only those Tweetfolk you follow can DM you.) He, like many, many others affected by the attack, put out an urgent call for all Twitter users to change their passwords ASAP.
Rowse also noted that the scam changed over the weekend. Originally the shifty URL directed users to a Twitter-like page that requested Twitter usernames and passwords, apparently using that information to DM each user's followers. At some point during the weekend -- around the time Twitter took action to block the URL -- the redirect page became an iPhone lookalike. And at press time access-logins.com -- we type these things into our browsers so you don't have you -- displays what looks like a normal sign-in page for Facebook.
1:08 pm PST January 5, 2009 - When it rains it pours: A second wave of trouble splashes on deck at Twitter as 33 "celebrity" and news-oriented Tweetstreams, including official accounts used by Britney Spears, Barack Obama, Bill O'Reilly, Fox News, the Huffington Post, and CNN correspondent Rick Sanchez, were compromised late Sunday night.The breaches seemed mainly to consist of juvenile graffiti (claiming that the writer was on crack, gay, or the like), and appears to be unrelated to the problem reported earlier.
Sanchez, at least, seems to be mainly baffled by the problem. His tweetstream details the situation as it unfolded: After being warned of the problem by a follower late yesterday, he turned the issue over to his tech staff ("appears so, tech guys here at cnn working on it now. i'm still trying to get briefed. will advise. more at 3 est"), described the in-house response ("hack/phish hapnd while i took 1/2 hour to re-hab knee down in gym. when i got back, told by staff. cnn security, pr, etc, suits all on it."), and eventually confirmed that Twitter honchos were on the case ("biz stone seems to have handle on it thru twitter. he's in contact with my staff.").
Biz Stone blogged an update on the second hack late Monday morning, describing it as distinctly different from the earlier phishing attempt. (He also noted that it has nothing to do with the upcoming OAuth authentication protocol the service is prepping.) According to Stone, the compromised security tools have been taken offline indefinitely.
lol, i have to laugh at these folks who claim to be computer savvy individuals, thousands of followers yet they take their own security and privacy not so serious, zero precautions
anybody who got scammed deserved it.
Score: 0
Orly? There's another security hole manifesting today, and apparently targeting the accounts of famous folk -- including some that follow no one and would thus not be clicking on bad links. Since you're feeling your oats re explaining the earlier scam, I'm atwitter to hear your analysis of the new thing. Please include specifics on the correct "precautions."
Seriously, folks. Anyone can get scammed, especially when they're operating in an environment that as of just a few days ago seemed fairly safe and secure. (Mac users, holla!) The above comment may be Artful but it lacks Sense.
Score: 0
Alas, as much as it 'lacks sense' it has held true for 3 whole years now for me.
No anti-virus software, only a firewall on the router, not on the PC. I apply patches when they're available.
In those 3 years: no viruses, no malware, nobody has stolen any of my data and none of my money has gone missing (except on excess beer, of course)
Knowledge of computers almost illiminates the likelihood of being scammed.
His comment doesn't lack sense at all.
There should be an computer/internet license in order to buy one. That'd soon sort out 90% of the scamming problems.
Score: 0
There should be an computer/internet license in order to buy one. That'd soon sort out 90% of the scamming problems.
It is logical, but not any sort of sense, other than bad.
It is both impractical and totally lacking in feasibility to accomplish. Who's going to foot the bill on that one? Who's going to keep track of it? How are we going to enforce it?
Heck, we can't even document who's *in* our country, much less what they are doing...
It may be a logical thing to do, but it makes no realistic sense.
Score: 0
Paul, please don't take this in a perjorative sense, but are you by any chance British?
I ask because the computer-licensing thing is about as likely to happen at this point as getting people to license their televisions. I'm pretty sure that's a TV license is one of the few things you could institute in America that would truly cause pan-cultural rioting in the streets; the UK, OTOH, seems to tolerate it just fine.
I do wish people exercised more common sense and took the time to figure out the tools. OTOH, computer / Internet use isn't like driving a vehicle; if you're an idiot, it's not likely you're going to harm anyone other than yourself, and even then not physically. Besides, who would administer a licensing system? And what would be tested? And what happens when the Mac folk start insisting that their systems are so safe they don't need any steenking badges? :-D
Score: 0
See what I mean about the pan-cultural rioting, Paul? PC_Tool and I just agreed on something!!!12
(I keed, PC_Tool, I keed!)
Score: 0
Great, now I have to Youtube me up some Triumph vids...
There goes any work getting done now. ;)
Score: 0
I need a show of hands of all those that DIDNT see this comming......
.....No one??? Oh, three guys who work for twitter in the very back, typical.
Score: 0