Twitter Accounts Hacked In Torrent-Based Phishing Scam


According to Twitter, this is the first time the site has seen a torrent-based attack. Essentially, the phishing scam banks on people using the same username and password for torrent sites as they do for Twitter and other online sites. Using a torrent site that requires a login and password, the hackers were able to glean those usernames and passwords and use them to access Twitter accounts.

"Torrent sites aren't exactly new; however, this is one of the first times that we've seen an attack that came from this vector," Del Harvey, Twitter's director of trust and safety wrote in a blog post. "It appears that for a number of years, a person has been creating torrent sites that require a login and password as well as creating forums set up for torrent site usage and then selling these purportedly well-crafted sites and forums to other people innocently looking to start a download site of their very own. However, these sites came with a little extra - security exploits and backdoors throughout the system. This person then waited for the forums and sites to get popular and then used those exploits to get access to the username, email address, and password of every person who had signed up."

Twitter also uncovered additional exploits used to gain admin roots on forums that weren't created by the site owner. In some instances, the exploit involved redirecting attempts to access the forums to another site that would request log-in information. From there, that information was used to gain access to third-party sites, like Twitter.

According to Harvey's post, Twitter recommends that people using the same email address, username and password on multiple sites, especially those who use third-party forums and download sites, use different passwords for each service to keep their Twitter accounts safe.

"We haven't identified all of the forums involved (nor is it likely that we'll be able to, since we don't have any connection with them), but as a general rule, if you've signed up for a torrent forum or torrent site built by a third party, you should probably change your password there," Harvey said.