Spam from compromised Twitter accounts

Approximately 750 Twitter user accounts were recently subverted and used to post spam messages. The posts, intended to drive traffic to a pornographic web site, read "hey! 23/Female. Come chat with me on my webcam thingy here www.chatwebcamfree.com." A quick search of the micro-blogging site reveals a list of users who had their accounts compromised and used to post the spam messages. According to a post by Graham Cluley on his Sophos blog, "the index page of that web site serves up obfuscated JavaScript that loads a variety of pornographic adverts and contains a web form directed to a site called eroticgateway.com."

A Twitter blog post confirming that accounts had been compromised, suggests that it's likely these are brute force attacks succeeding against user accounts with weak password. Twitter says that they have reset the passwords for the compromised accounts, which should prevent any further spam messages from being sent by the attacker. Earlier this year, an 18 year old US student, that goes by the handle 'GMZ', gained access to several accounts by using a brute force attack and made posts to users Twitter home pages. Accounts that were compromised included Fox News, Britney Spears and Barack Obama.

With the growth in popularity of Twitter, the micro-blogging website is becoming a larger target for spammers, phishers and scammers. Users need to be cautious and use strong passwords to help prevent an account take over. Users who suspect suspicious followers or encounter a spammer can advise Twitter by messaging @spam from their account. Twitter users who want to update their settings with a stronger password can do so by visiting http://twitter.com/account/password.

See also:

• Twitter spoofing fix fails in UK and Germany, a report from The H.
• Twitter: No more swapping passwords, a report from The H.
• Twitter's growing pain: spam, a report from The H.
• Phishing in the Twitter pond, a report from The H.

(crve)