Twitter tries to shore up security in wake of hack attack

By Robert Westervelt, News Editor 06 Jan 2009 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Twitter officials are trying to lock down their systems in the wake of a successful attack against at least 33 high profile accounts that were hacked through the social network's support tools.

SearchSecurity.com: To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

The breach took place just days after users reported a fast spreading phishing attack that was attempting to steal passwords and other identifiable information. Among the breached high profile accounts was President elect Barack Obama, pop singer Britney Spears, media outlet Fox News and CNN anchor Rick Sanchez, Twitter wrote Monday in a blog posting.

The social network, which allows users to connect to friends and colleagues and post brief messages in real-time, has grown in popularity in recent months. Twitter has gone through a number of growing pains since it launched in 2006. At times the micro-blogging service had consistent down time as a result of system overload. Some estimate Twitter has grown to well over 3 million accounts and the popularity in corporate environments is rising.

Social networking threats: How can widget malware on social networking sites threaten enterprises? Protecting enterprise networks from the malware on popular social networking sites is a complicated issue. Information security threats expert John Strand gives advice. How to implement and enforce a social networking security policy: For a new generation of employees entering the workforce, social networking isn't a luxury, it's a necessity. MySpace, Facebook ignoring basic principles of security: Social networking websites MySpace and Facebook present a significant security risk to users. Phishing, identity theft keeps law enforcement, researchers occupied: An expert on cybercrime and online scams, Derek Manky, is one of the members of the Fortiguard research team.

Twitter said the accounts that were compromised have been returned to their owners. The hacker exploited a vulnerability in the support tools used by Twitter staff to help people edit email addresses or reset passwords.

"We considered this a very serious breach of security and immediately took the support tools offline," the company wrote in a statement on its blog. "We'll put them back only when they're safe and secure."

The support team has been dealing with a phishing scheme attempting to send direct messages to users with a link to a malicious website. The site looks like a Twitter login page, but steals account names and passwords of victims who attempt to login. Twitter said it has reset a number of passwords to breached accounts as a result of the scheme.

One of the problems is that many users are ignoring common sense, clicking on links from unknown Twitter followers. Mary Landesman, senior security researcher at Web filtering vendor ScanSafe Inc., said in a statement via email that users must rethink using Twitter and other social networks as a popularity contest. Often people add followers and seek them out without even knowing their identity, Landesman said.

Other experts said users should always sign out of an account not being used and take time to confirm whether a link was sent from a friend or colleague.

SearchSecurity radio:

"It's a completely avoidable breach of security -- never, ever enter your login credentials from a website accessed via a link received in email, IM or twitter," Landesman said. "While it must be embarrassing for the celebrities who were impacted, it should concern all citizens when the future president of the United States is among the victims."

At one point the Twitter phishing scheme redirected victims to a bogus Facebook login page, according to researchers at TrendLabs. Other social networks, including Facebook and LinkedIn have also been vulnerable to phishing attacks and social engineering schemes in recent months. TrendLabs recently reported finding a number of bogus LinkedIn profiles used to direct users to malicious websites.

"Malicious links contained in these bogus profiles lead browsers through a series of redirections, but ultimately to malware," said TrendLabs' Ivan Macalintal, an advanced threats researcher who discovered the accounts.

Tags: Malware, Viruses, Trojans and Spyware,  Identity Theft and Data Security Breaches,  Email and Messaging Threats (spam, phishing, instant messaging),  Security Awareness Training and Internal Threats,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Malware, Viruses, Trojans and Spyware How to defend against rogue DHCP server malware New Trojan stealing FTP credentials, attacking FTP websites Cybercriminals exploit Michael Jackson, Farrah Fawcett deaths When BIOS updates become malware attacks Antispyware buying guide for Indian enterprises PCI compliance requirement 5: Antivirus Hacker attack techniques and tactics: Understanding hacking strategies Rootkit Hunter demo: Detect and remove Linux rootkits Botnet threats and countermeasures Conficker worm much smaller than feared Identity Theft and Data Security Breaches TJX to pay $9.75 million for data breach investigations Man pleads guilty in online banking hacking scam White House cybersecurity czar faces major hurdles Heartland breach cost $12.6 million, CEO says An inside look at security log management forensics investigations LexisNexis investigates breach, notifies thousands Senators hear call for federal cybersecurity restructuring Former Federal Reserve Bank employee arrested Attackers cash in on fundamental data handling mistakes, Verizon finds Courts turn aside data breach suits Email and Messaging Threats (spam, phishing, instant messaging) Unified communications: Securing a converged infrastructure Chained Exploits: How to prevent phishing attacks from corporate spies 3FN.net ISP shutdown interrupts spam campaigns Swine flu outbreak results in spam pandemic What does 'invoked by uid 78' mean? Economy fuels malware, spam Internet Explorer 8 includes a bevy of security features Adobe JBIG2 exploits being spammed, IBM warns Fierce competition prompted new Cisco email security options Cisco brings email security appliances closer to SaaS Email and Messaging Threats (spam, phishing, instant messaging) Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bot worm  (SearchSecurity.com) directory traversal  (SearchSecurity.com) government Trojan  (SearchSecurity.com) Kraken  (SearchSecurity.com) man in the browser  (SearchSecurity.com) polymorphic malware  (SearchSecurity.com) RavMonE virus  (SearchSecurity.com) RFID virus  (SearchSecurity.com) Rock Phish  (SearchSecurity.com) Zotob  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary