Weekly Blog Highlights: Hackers and Phisers Attack Twitter

The social networking world, more particularly the Twitter dominion was up and about early this week with separate incidents compromising the accounts of millions of Twitter users. The first incident which was reported sometime last week was about phising scam spreading through Twitter Direct Messages, while the second incident was about hacking attacks on the accounts of “high-profile” Twitter users, including those of famous people. This has alarmed not only the casual Twitter users but also the corporate ones thinking that their accounts may also be susceptible to hack attacks.The Twitter Direct Messages started showing up on several Twitter accounts late last week. The DMs contains a text message that says – “hey! check out this funny blog about you…” It contains a URL that redirects to a page that resembles the Twitter login page. But upon looking closer at the URL it actually was not the Twitter login page, but a separate site with the following URL – twitter.access-logins.com. (Note: the site is already blocked and classified as a web forgery). Of course we all know what will happen if a Twitter user logs in using his/her Twitter credentials.

The second incident happened early this week and involved the hijacking of the accounts of celebrity Twitter users, such as Britney Spears, president elect Obama, Fox News among others. The deed was claimed by an 18-year old hacker who was fond of pulling celebrity pranks. The hacker who goes by the internet handle GMZ said that he was able to gain access to Twitter’s administrative control panel through an automatic password-guesser which is pointed towards a user’s account.

These two incidents were certainly serious threats to the security of Twitter. It prompted Twitter to take a closer look into its system security. Twitter acknowledge that the incident was unexpected and that this prompted the Twitter administrators to conduct a full security review of the Twitter system.

Of course hacking and phising scam is no longer a new issue. Most popular social networking sites have probably experience those kinds of incidents and they were able to get out of it alive. But what is significant about these incidents is the fact that it puts Twitter’s security and vulnerability to hackers and phisers into question. . It finally dawned to everyone of us, that Twitter has finally comes of age. It is finally a established, major player in the web 2.0 world vulnerable and susceptible to the attacks of malicious individual who are always on the look out to sabotage anything on the web that is good and popular.

More importantly these two incidents have alarmed the Twitter folks and prompted them to re-evaluate the security features of Twitter which we hoped would lead to a better and secure environment for Twitter users.