This morning Twitter sent out a network-wide email to its users whose accounts were compromised, and urged them to change their passwords.
Users have been calling out Twitter for its vulnerable account authentication for some time now, but the social network still remains mum about the apparent holes in its security. Today Twitter was finally subject to its largest attack, which due to its scale, forced the company to send user-wide alerts via email notifying its users that their accounts have been compromised.
In an email sent this early this morning, Twitter had acknowledged that accounts had been compromised by a third-party site, and urged its users to change their passwords. We checked Twitter and noticed that many compromised accounts were used to tweet spam, but the original users have been able to regain access to them.
Here’s what Twitter said in the email:
“Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We’ve reset your password to prevent others from accessing your account.
You’ll need to create a new password for your Twitter account. You can select a new password at this link: https://twitter.com/pw_rst/…
As always, you can also request a new password from our password-resend page: https://twitter.com/account/resend_password
Please don’t reuse your old password and be sure to choose a strong password (such as one with a combination of letters, numbers, and symbols).
In general, be sure to:
Always check that your browser’s address bar is on a https://twitter.com website before entering your password. Phishing sites often look just like Twitter, so check the URL before entering your login information!
Avoid using websites or services that promise to get you lots of followers. These sites have been known to send spam updates and damage user accounts.
Review your approved connections on your Applications page at https://twitter.com/settings/applications. If you see any applications that you don’t recognize, click the Revoke Access button.
For more information, visit our help page for hacked or compromised accounts.
-The Twitter Team”
Earlier last month, Dennis Jones and his Twitter handle @blanket was hacked, which lead him to discover a mature black market for hacked Twitter, Minecraft, and YouTube accounts. Each account can sell for as little as $60. Digging deeper, we discovered that hacking Twitter accounts as basically become child’s play. Many “hackers” are simply teenagers who browse forums like hackforums.net. These communities are full of tutorials that can guide anyone step-by-step through taking over coveted Twitter handles. These forums are also a proliferating marketplace for selling or trading programs used in malicious virtual attacks, including cracking passwords.
We reached out to Twitter and inquired about how many accounts have been compromised, and who was responsible for the attack. We’ll update you once a spokesperson gets back to us.
Source : digitaltrends[dot]com
No comments:
Post a Comment