Yesterday afternoon a large number of Twitter users began to notice that they were being added to a bunch of oddly named Twitter lists.
Lists are normally used to group Twitter users by interest: "tech writers" or "top chefs." In this case, however, the lists had spammy names like GTA 5 Giveaway, Ashton Kutcher's Phone Number, and Candy Crush Saga Hack.
Over the past few days, a large number of HootSuite accounts have been hacked and abused to spread links to shady miracle diet websites.
The hacked HootSuite accounts, including ones of celebrities, are used to send out messages on Twitter that read something like this: “get a free groupon of pure garcinia cambogia, according to groupon this stuff is great to stay healthy! [link]”
There has been much sniggering into sleeves after wags found they could upset iOS 6 iPhones and iPads, and Macs running OS X 10.8, by sending a simple rogue text message or email.
A bug is triggered when the CoreText component in the vulnerable Apple operating systems tries to render on screen a particular sequence of Unicode characters: the kernel reacts by killing the running program, be it your web browser, message client, Twitter app or whatever tried to use CoreText to display the naughty string.
Once more, the Syrian Electronic Army (SEA), a pro-Syrian strongman Bashar al-Assad organization, has struck on the internet.
This time, SEA hit The New York Times (NYT), Twitter, and other popular sites. Unlike previous attacks that relied on phishing attacks to gain password information from the target site's authorized users, SEA is using the weak security of the internet's master address book, the Domain Name System (DNS), to re-route internet traffic from its real destination to SEA-controlled sites.
A hacker operating under the name “Mauritania Attacker” has claimed so – but even though he released purported account information for more than 15,000 users on Tuesday morning, officials with Twitter said the service was not affected.
The pro-Islam hacker, who takes his moniker from the West African Arab Maghreb country in which he is said to reside, posted the Twitter information – 15,167 accounts in total – to file-hosting website Zippyshare on Tuesday morning. He claims to have access to numerous more.
A hacktivist known as Mauritania Attacker has claimed to have compromised every account on Twitter by stealing a list of OAuth tokens.
OAuth is an authorisation protocol that allows websites to share log-in credentials. The stolen tokens could be used to access Twitter accounts without need for a password.
The last Soviet leader Mikhail Gorbachev has been forced to deny rumours of his death after hackers planted a false report on Twitter accounts of a state-run news agency.
"I'm alive and well," Mr Gorbachev told the website of Novaya Gazeta newspaper late on Wednesday, using a blanked-out Russian expletive to describe his ill-wishers who he said were "hoping in vain".
Twitter on Tuesday upgraded its first attempt at adding a two-factor authentication option to its service, but the real value is the fact that the social networking site realizes it can't stop there.
Twitter said it will continue to make improvements in securing authentication and filling in gaps; namely, providing better security for accounts shared by two or more users.
The Twitter feed of ThomsonReuters, the global news and financial data company appears to be the latest media company to fall victim to a hijacking by the Syrian Electronic Army.
The Twitter account in question, @ThomsonReuters, has been suspended in the last several minutes. The attack appears to have taken place in the last hour. The attackers managed to Tweet links to at least seven images, mostly pro-Assad political cartoons. Buzzfeed has captured all of them here, but they’re not exactly funny, so click cautiously.
The underground economy that sells fake Twitter and other social media accounts is now so large that is it easily making millions of dollars for the leading abusers, an updated study by Barracuda Networks has found.
The firm has made a speciality of researching the burgeoning economy that now creates and markets a number of different fake social media accounts, including Facebook, Instagram, Pinterest, LinkedIn, YouTube and even the much-ignored Google+, but it is Twitter that is now the core of this industry.
