Posts Tagged ‘twitter hacked’
In 2012, what connected Twitter with Apple, AOL, Google, Hotmail, LinkedIn and Yahoo?
Online security – or rather, on occasion, a distinct lack of it.
Each of these firms, alongside others such as Zappos and Formspring, suffered pretty serious security breaches in the past 12 months, with tens of thousands of Twitter usernames and passwords compromised back in May.
Did you know that while three in five U.S. adults have said that they feel vulnerable to being hacked online, 69 percent of these same people reuse their password on more than one site?
Furthermore, 72 percent have said that they are concerned about their online data being used without their knowledge, but more than one-third (36 percent) store their personal information, such as credit card data, on certain websites for convenience.
You do the math.
Let’s say you’ve heard good things about Twitter, but you’re far, far too busy and important to actually spend any time or effort on doing those awfully taxing things like writing tweets and engaging with your followers. You know, all that social media business.
What on earth can you do?
Well, you could hire a team of ghostwriters to do all your Twittering for you. I mean, who would know? And if they don’t work out, simply fire them. But hey: don’t forget to change your password, otherwise you can never be quite sure what they might do, especially if they’ve had a few drinks…
As we reported yesterday, the Fox News @foxnewspolitics account was hacked at 1.56am Monday morning – on the Fourth Of July, no less – and in an extremely crass move, the hijackers, who later identified themselves as the Anonymous splinter group “Script Kiddies”, then went on to publish six tweets announcing the ‘death’ of President Barack Obama.
The news was, of course, entirely false, but because the messages came from a verified account and provided sufficient detail the tweets were widely shared throughout Twitter.
The content was disturbing enough, but the really sickening part was how slow Twitter was to respond to the breach. It wasn’t until 12.34pm ET – over 10 hours since the first hacked tweet was published – that control of the profile was returned to Fox News and the offensive messages were removed.
Fox News Politics (@foxnewspolitics) is a verified account on Twitter with over thirty thousand followers.
The profile tweets in Fox’s normal way, sharing news and updates about the Presidency and politics, albeit with the network’s usual right-of-center bias.
And it’s that bias that will inevitably make the reaction to this news more severe. About 3 hours ago, @foxnewspolitics was hacked. Worse, they’ve written a series of tweets about President Obama being killed, and those messages have spread rapidly throughout the Twittersphere.
Remember the days when Ashton Kutcher (@aplusk) ruled the Twitter roost as the most-followed (and by definition, most popular) user on the network? Kutcher will always hold a very important milestone as the first profile to reach one million followers.
Well, times change, and Kutcher is rapidly on his way out of Twitter’s top 10 most-followed accounts. Give it a few months, and he’ll be gone.
And if all that wasn’t bad enough for Ashton, now his Twitter profile has been hacked. And the exploiter’s messages have been retweeted by hundreds of people.
Kutcher, who is currently attending TED 2011, appears to have been hacked by somebody with a very firm agenda – namely, Twitter’s insistence on using non-secure encryption for user sessions. Which in plain English means that while they maintain this level of security,Â everybody is at risk of being hacked, certainly if you access Twitter whilst out and about.
As senior technology consultant (and online security maestro) Graham Cluley explains at Naked Security:
Tools such as Firesheep make it child’s play for anybody sitting close to you to jump onto your Facebook or Twitter session if you’re using unencrypted WiFi without an SSL connection, for example at a free WiFi hotspot.
Wouldn’t it be great if Twitter forced the use of HTTPS at all times? Clearly whoever hacked into Ashton Kutcher’s Twitter account feels the same.
The insecure Twitter and Facebook accounts of some celebrities offer a very tempting target for cybercriminals who may wish to spread their dangerous or spammy links to millions of followers. We should just be grateful that on this occasion the hack appears to have taken place to promote better awareness of the need for better security, rather than with more malicious intent.
8 hours later, Kutcher’s account still appears to be hacked, as the messages are intact and nobody is doing anything about it. How embarrassing, especially whilst at such a high-profile, super-intellectual think-tank as TED. And you have to wonder if this would have taken so long to repair if Ashton was still Twitter’s top dog.
(Hat tip: Graham Cluley.)
Since its inception, the internet has provided new ways for people all over the world to exercise the rights of free speech, freedom of the press and freedom of assembly. These rights are not simply the benefits of a free society–they are the very means of preserving that society’s freedom. The recent increase in government interference with these freedoms coincides with the failure of the corporate media to fulfill their vital role in checking the abuse of authority. Censorship and journalistic abdication have left citizens unaware and unable to hold their governments accountable.
WikiLeaks has moved to fill the void left by traditional news media, providing the necessary information for citizens to hold their governments to account. Yet it has not been granted the legal protections generally afforded to journalists. Instead, the organization has been vilified and monetary support has been blocked by governments and private corporations. The vitriol aimed at WikiLeaks demonstrates an unsettling disregard for the fundamental freedom to exchange information and express ideas. Members of a free society must not allow information to be suppressed simply because it inconveniences those in power. We share the responsibility to defend vital liberties. The time to act is now.
We are Anonymous, a leaderless movement that has worked tirelessly to oppose all forms of Internet censorship worldwide, from DMCA abuses to government mandated content filters. Our initiatives include supporting dissenting groups in Iran, Zimbabwe and Tunisia, as well as waging the highly visible information battle against the Church of Scientology. We are now prepared to take the fight to the world stage. Join us on January 15th for the first in a series of global protests in defense of WikiLeaks and freedom of expression. Stand with us to defend your freedoms.
We Are Anonymous And So Are You
So reports Why We Protest. There’s even a video.
At the moment Twitter are very much in Anonymous’ good books, as they’ve both opposed the Wikileaks subpoena from the U.S. Department of Justice (read it here) that ordered them to hand over the account details of all 637,000 @wikileaks followers, and made the legal action very public. But, reports MSNBC and others, that boldness cannot last forever. Law is law – and even Twitter’s own policy means that ultimately they’ll likely hand over the data.
“[N]on-public information about Twitter users is not released unless we have received a subpoena, court order or other legal process document.”
So, here’s the real question: if Twitter is forced to comply, does this mean that, in spite of their stalling and momentary act of bravery, they’ll be next on Anonymous’ hit list, simply because they’ve sold out to the man?
Perhaps. And if it happens before this weekend, then brace yourself for at least a few hours of minor annoyance.
Check Your Connections Tab On Twitter (Because You've Only Got Yourself To Blame If It’s Full Of Crap)
I had a strange dream last night.
I was on Twitter when news broke on TMZ.com that Oprah Winfrey had died. I read the article, shared the link, and then went out.
This was all in the dream, remember. As it continued, I came back home after a couple of hours had passed and it turned out that TMZ had pulled the story, that it was a mistake, and Oprah was very much alive. However, my “Oprah Winfrey has died!” tweet was still sitting there in all its glory, and had started to generate thousands of really negative reactions. People were calling me a liar, saying I’d obviously put this out just to get attention, and so on.
As it continued, one guy – who was clearly a huge fan of Oprah (Stedman, perhaps) – got so pissed that he hacked into my Twitter account and hooked me up with all the worst auto-tweeting applications on the planet. Suddenly, ‘I’ was sending out all manner of garbage and some really offensive spew – tweets linking to porn, racist gibberish, etc. It wasn’t looking good.
Still dreaming, and as the complaints went from thousands to millions, I became increasingly frustrated at my inability to deal with the problem. The thing was, I knew what I had to do – it was as easy as visiting the connections tab on my Twitter account and revoking access to all the auto-tweeting crap that had been injected into my account.
But, much like those nightmares where you’re trying to run away from the monster but your legs are stuck or simply refuse to work, in the dream I somehow just couldn’t quite get there, and could only watch in horror as my good Twitter name was torn to shreds.
Suffice to say, I woke in something of a fluster.
Silly as it was, the dream had some purpose. This morning, I checked my connections tab for the first time in a while, and sure enough there were a couple of things in there that I didn’t recognise and immediately revoked. Thankfully, they hadn’t started sending out any auto-nonsense to my timeline, but that doesn’t mean that they never would have.
You see, the problem with giving permission on Twitter is it’s forever – unless you do something about it. There are no layers of permission, certainly from Twitter’s end. You’re either in, or you’re out. Sure, some of these apps let you configure your preferences at their end, but it’s easy to overlook this and it’s really easy to grant permission one day and totally forget all about it the next.
(Especially late at night after one or two raspberry daiquiris – but I digress.)
I’ve written about this before, but I needed reminding myself. It pays to check your connections on a regular basis – once a week is a good habit to get into. Certainly, if you find yourself auto-tweeting – which is never a good thing – check your connections first. Ninety-nine times out of a hundred the problem, and solution, will be in there.
As for Oprah – and just in case this article gets misinterpreted and becomes self-fulfilling and wholly ironic – she is, I would like to remind you, still with us.
(Although she hasn’t updated in a while.)
There’s another phishing attack on Twitter, and yet again it’s being spread by direct message.
(You can read all the details over at Mashable.)
Here’s what I think you need to do. If you get any of these malicious direct messages, please don’t click on the links, but do make a note of the user(s) that sent them to you. Is that name familiar? Have they fallen foul of these phishing scams before? Several times?
Do they always seem to be affected by these kinds of exploits?
If so, unfollow them. Don’t hesitate, do it right now. And seriously, seriously consider a block, too.
Reality check: it’s probably a safe bet that virtually every single one of us will be conned by something on the internet before we bite the dust. As human and artificial intelligence-slash-guile continues to develop, we’re all potential marks.
People make mistakes, and when something happens to somebody else on Twitter it’s fantastic if you can take a moment to explain to them what they did, and hopefully educate them enough so they won’t do the exact same thing a month or two later.
But if you have users in your network who are always getting tricked, and who are repeatedly getting their accounts compromised, then you need to let them go. Because nice as they might be as people, as long as you’re connected then their neglect and technical naivety becomes yours (by proxy).
It’s a phishing attack today – it might be something a heck of a lot worse this time next week. This might seem harsh, but this is your security at stake. And while there’s any kind of link between you and them, and despite how savvy you think you might be, the odds of YOU getting caught out will continue to increase dramatically each time they screw up.
(PS. If it makes you feel better, send them an email or open tweet explaining why you had no choice. Just don’t click on any links that they send back.)