
More than 2,500 Twitter accounts hacked; users exposed to adult sites

According to a Symantec investigation, the hackers make money by redirecting other users to visit these malicious websites.

It has been discovered that more than 2,500 Twitter accounts have been compromised and used to post tweets promoting adult dating websites and pornographic content on the micro-blogging service.

According to a Symantec investigation, the hackers make money by redirecting other users to these websites through affiliate programmes. During the course of the investigation, Symantec also found that a number of the compromised accounts belonged to well-known personalities.

“During our investigation into this campaign, we found a few notable compromised Twitter accounts belonging to electrofunk band Chromeo as well as an international journalist from The Telegraph. In addition to our investigation, recent reports found that the Twitter accounts of stand-up comedian Azeem Banatwala, Houston Texans wide receiver Cecil Shorts III, and the late New York Times reporter David Carr were also compromised,” Symantec said in a blog post.

Another trait noted by the security firm is that the attackers did not use the compromised accounts to tweet at or directly message other users. Instead, they liked tweets and followed other users, in the hope that those users would visit the compromised profiles out of curiosity.

“If a user visits the compromised profile, they will see tweets that claim to offer free sign-ups to watch “hot shows” over webcam, or dates and sexual encounters. Each of these tweets includes sexually suggestive photos and shortened links using either Bitly or Google’s URL shortener, goo.gl,” the blog added.

After clicking on one of the shortened links, a user is redirected to an intermediate landing page advertising an adult dating or sex-personals website. If the user then clicks the link on that landing page, they are redirected to the actual site.

The investigation also revealed that the adult dating websites linked to this Twitter attack reward the hackers for driving traffic to their sites.

“They do this through affiliate programs that pay people for getting users to sign up. Based on our research, we believe the affiliate involved in the Twitter account compromises would earn US$4.00 for each person who signs up for the website,” said Symantec’s blog.

Users should be wary of Twitter accounts whose profile pictures, biographies and full names look suspicious, and of tweets containing adult content and language, such as offers of webcam sessions or sexual encounters.

“The original profile photo is often changed to a photograph of a woman, typically in a suggestive pose or wearing lingerie/swimwear. However, some compromised accounts maintain the original profile photo or, in some cases, use the default “egg” avatar associated with new Twitter accounts.”

Symantec has notified Twitter, Bitly and Google, and has provided them with data on the compromised accounts and the shortened URLs used by those accounts.

The security firm has also listed several steps users can take to protect their Twitter accounts from such attacks. Here are some of the tips as listed on its blog.

  1. Create a strong and unique password: It is likely that many of the compromised accounts used weak passwords or re-used passwords on other services.
  2. Use a password manager: If you want to create and securely store your passwords, we suggest using a password manager. While there are plenty to choose from (LastPass, 1Password, Dashlane, KeePass, Password Safe, Norton Identity Safe), we suggest you use one that best meets your needs and your budget.
  3. Consider enabling Twitter’s Login Verification: Instead of relying on just a password, Login Verification requires you to enter a code that is sent to your mobile phone. This adds an extra layer of security and helps prevent unauthorized access to your account. Just be sure to securely store your backup code in case you lose your mobile phone.
( Source : Deccan Chronicle. )