Twitter hack hits cabinet and bank
Updated on 26 February 2010
The Twitter accounts of two cabinet ministers, an online bank and the Press Complaints Commission are among those falling victim to a hack promoting sex aids, writes Benjamin Cohen.
What started as an attempt by Chinese spammers to sell more sex aids has resulted in hundreds of thousands of Twitter users having their accounts hijacked, including two cabinet ministers, online bank First Direct, and the Press Complaints Commission.
Thousands of Twitter users from around the world have been receiving "direct messages" from their friends saying either "This you????" or "LOL this is funny", together with a web link that has been shortened and therefore disguised, which users are urged to click.
After clicking the link, users are taken to what appears to be the regular Twitter login page.
Many people have Twitter automatically forward any "direct messages" they receive to their email account, so it does not initially seem odd to be sent to a Twitter login screen.
But the web address of this login screen is clearly not Twitter.com.
However, on a Blackberry and other mobile devices there is no web address bar at the top of the screen, so it is perfectly plausible that no one would notice the incorrect web address.
The site itself is a clone of Twitter, and all of the user information entered by the unwitting recipient of the message is captured by the hackers.
They then use this data both to continue the spread of the hack, sending a direct message to all of this second user's contacts, and to post public messages to the user's Twitter stream.
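As an added illustration of the flow described above (not part of the original article), the check below models the defender's side: it flags the lure phrases quoted in the article, notes when a link goes through a shortener, follows the redirect to its final destination, and raises an alarm when a login page sits on a host that is not twitter.com. The shortener redirects are replaced by a constructed table so the code runs offline; the shortener list and the phishing host are assumed examples.

```python
import re
from urllib.parse import urlparse

# Lure phrases quoted in the article, matched case-insensitively.
LURE_PHRASES = ("this you", "lol this is funny")
# Assumed example list of shortener hosts that disguise a destination.
SHORTENER_HOSTS = {"bit.ly", "tinyurl.com"}
# Hosts on which a Twitter login page is legitimate (compared exactly,
# so "twitter.com.something.invalid" is NOT accepted as twitter.com).
LEGIT_LOGIN_HOSTS = {"twitter.com", "www.twitter.com"}

# Constructed stand-in for resolving a shortened link over HTTP.
REDIRECTS = {
    "http://bit.ly/xyz123": "http://twitter.com.login-page.invalid/login",  # hypothetical clone
    "http://bit.ly/abc456": "https://twitter.com/someuser/status/1",
}


def resolve(url, redirects, max_hops=5):
    """Follow the redirect table until the final destination is reached."""
    chain = [url]
    for _ in range(max_hops):
        nxt = redirects.get(url)
        if nxt is None:
            break
        url = nxt
        chain.append(url)
    return url, chain


def assess_dm(text, redirects=REDIRECTS):
    """Return the phishing indicators found in one direct message."""
    findings = []
    if any(p in text.lower() for p in LURE_PHRASES):
        findings.append("lure_phrase")
    for url in re.findall(r"https?://\S+", text):
        host = (urlparse(url).hostname or "").lower()
        if host in SHORTENER_HOSTS:
            findings.append("shortened_link")
        final, _chain = resolve(url, redirects)
        parsed = urlparse(final)
        final_host = (parsed.hostname or "").lower()
        # A login page anywhere other than the real Twitter host is the red flag
        # a mobile user with no address bar cannot see.
        if "login" in parsed.path.lower() and final_host not in LEGIT_LOGIN_HOSTS:
            findings.append("login_page_off_domain")
    return findings
```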
It was for that reason that today Energy Secretary Ed Miliband appeared to be bizarrely open about his sex life. This morning, his 6,712 Twitter followers were told "hhey, i've been having better sex and longer with this here" with a link directing readers to a website selling herbal Viagra.
It was followed by a tweet saying: "Oh dear it seems like I've fallen victim to twitter's latest 'phishing' scam."
This is actually an incredibly sophisticated commercial scam. The hackers are not just attempting to draw in the readers of popular Twitterers to their sex aid site, they are also attempting to improve the ranking of the website on search engines including Google, Microsoft Bing and Yahoo.
All three now take a live feed of Twitter. Because of the way they rank websites, the more people that link to a particular website, the higher it will be placed in the search results for a particular keyword. And importantly, because of some technical tricks, this occurs even though the spammers are using web address shorteners to mask the links.
Other victims include the online bank First Direct, which was forced to send "Just to clarify - no password issues, it was a link in a DM. No customer / personal data has been compromised. Sorry for any offense caused." to its 854 followers.
The Press Complaints Commission also boasted to its 260 followers that it had improved its sex life.
Yesterday, Deputy Labour Leader and Leader of the House of Commons Harriet Harman told parliament that her account was also compromised.
She had sent messages to fellow MPs including former Tory opposite number Alan Duncan.
In a statement, Twitter explain: "While simply receiving this message does not mean your account is compromised, if you do click through and enter your username and password, you'll want to change your password. If you've received this type of spam from a friend, you may want to alert them to change their password."
The danger is that the criminals behind this scam may be able to log in to other online services in their victims' names. Many of us use the same or similar password across a range of different websites. According to security experts Sophos, 33 per cent of us use just one password across the web.
Graham Cluley of the company explains: "If Ed Miliband makes that kind of mistake, then he has potentially opened up his email account, his eBay account, his PayPal and Amazon account... basically, his entire online life could be handed over to hackers."
"With an election coming up, they want to appear down with the kids and use new technology to reach out to people more effectively.
"But they need to go back to the classroom to learn about basic computer security.
"They should be setting an example for the rest of us. Too many of them are being a little bit lackadaisical."
He added: "When politicians or celebrities get phished it's a very public compromise of their account.
"But what's happened over the last week is not just for MPs, everyone on Twitter is at risk of receiving these messages, which can be quite convincing.
"We're going to see this happening more and more. The criminals will be more and more attracted to using social networking sites to make money because that's where the people are."