Twitter Accounts Compromised in Porn Spam Attack
by Kathee Brewer
About 750 Twitter accounts were compromised in a malicious attack security experts said probably sought to harvest credit card information.
The hijacked microblogging accounts all tweeted the same message, which asked viewers to click on a link to a porn site where a 23-year-old woman said she was waiting to chat with them live via webcam.
“hey! 23/Female. Come chat with me on my webcam thingy here,” the message said. It ended with a URL.
The incident began at about 11 a.m. PT. Twitter founder Biz Stone said the outbreak was corralled within two hours. Twitter technicians reset the passwords on all affected accounts and removed the “spammy updates” from the site.
“Today we discovered about 750 Twitter accounts were broken into and had a link to a webcam site posted on the accounts,” Stone wrote on his blog. “It appears other sites and services have been affected by a similar attack. Our safety team is currently investigating.”
Stone also encouraged Twitter users to ensure their passwords registered “strong” on the password-strength meter the company provides.
The attack was the second on Twitter in two months. Twitter users were “clickjacked” if they responded to a spam tweet that said “Don’t click” and then provided a URL. Clicking the link delivered them to a Web page with a button that also said, “Don’t click.” Clicking the button retweeted the original message. The prank spread like wildfire.