Saturday, February 27, 2010

Interrupted lives - A story of a Twitter Hack

Yesterday my Twitter account was hacked, causing me to spam at least 100 of the people I follow with sexually suggestive Direct Messages. Apparently I was not alone in this phishing attack. There was also something similar recently in Facebook. In my case it was caused by rather stupidly clicking on a DM sent to me on Thursday night. I knew the person who sent it and had no immediate reason not to trust it. As Pete Cashmore said, we're less wary when a link appears to be from a trusted contact. The message read “Is this you?” and provided a link (via a deceptively meaningless short URL) which I clicked on almost without thinking.

Almost instantaneously I regretted clicking although nothing happened immediately. Barely minutes later I saw someone’s Facebook warning that the “is this you?” message was malware and you shouldn’t click on the attached link. I was annoyed at my stupidity and hoped nothing further would come of it. But when I checked the Internet on Friday morning it was obvious a lot more had come of it.

Apparently what happens when you click on the link is that your Twitter password is sent to the attackers, permitting them access to your account. According to Cashmore, your friends receive the same message shortly after, which will look like it was sent out by you. I didn’t send out the same message (as far as I can tell) but the one I did send was a classic in its own right.

At approximately 7am yesterday morning, about a hundred DMs were unleashed from my account. Twitter has now cleaned out all the messages from my sent folder; however, someone was kind enough to send me a screenshot of how it looked. In the message I was claiming to be “female/24/horny” and added “I have to get off here but message me on my windows live messenger name”. It is unlikely that any of the messages would have fooled their recipients. For starters they were all sent out complete with my name and headshot avatar, which makes it blatantly apparent I am neither female, 24 nor horny (unless, as I wrote later, by ‘horny’ they meant ‘scaly’).

I was blissfully unaware of this activity while munching my weetbix for breakfast. When I logged on an hour later, I became aware of the problem when I checked my regular emails and noticed quite a lot of Twitter DMs sent to me in return. These were all genuine DMs sent to me by friends who were either laughing at the absurdity of the message (if they knew me well) or warning me I was hacked (if they didn’t). When I logged on to Twitter there were many more messages.

“excuse me?”

“Just got a DM from @derekbarry that makes me think his account has been hacked.”

“Time to change your Twitter passwd. Ur sending our "interesting" DM spam. eg "..hi, i'm 24/female/horny...message me on my...”

“unless you are leading a secret double life someone is using your account for spam”.

“Derek, your account has been compromised. Unless you really ARE 24 and horny.”

“You don't look like a 24yo horny female to me.... :) I think you've been hacked!!”

“so u won't hit any "is this you?" messages in future? :) was caught by one back at Xmas. Mine sent out colonic irrigation tweets :P”

One person wrote to tell me he had received one of the female/24/horny messages but he also had been hacked and was “going nuts” about how to solve the problem. While I was sympathetic, this was not a reaction I shared. I was momentarily embarrassed that so much spam had been sent out in my name but, looking at how absurd it was, I found it funny. It was also unwittingly the cause of more real interaction with people than I would normally have had if I'd been left alone.

I sent out a few Tweets apologising for the spam, joked about being scaly rather than horny and immediately changed my Twitter password. This in turn got a lot of responses most of which saw the funny side of what had happened. Here, I hope my reputation in Twitter allowed me to turn a potentially nasty situation into one which people could laugh at. And as far as I know, no one stopped following me thinking I was a spambot.

Within a half hour, I got an email from Twitter saying they believed my account was compromised. They forced me to change my password again and hopefully I’m now clean until the next time I accidentally click on a safe looking link. I say “next time” because despite my increased wariness I’m convinced it will happen again. Spammers are becoming more adept at mimicking convincingly real behaviours – though as my own messages proved they still leave a lot to be desired in matching physical attributes with the text!
