Twitter hacked with 'happiness'
Friday, January 9, 2009
A weak password used by a Twitter support staff member allowed a hacker to gain control of various celebrity accounts by using an automated password-guesser.
The hacker is reportedly an 18-year- old who goes by the online name GMZ and said he noticed a Twitter user named "Crystal" as a frequent follower of numerous accounts in an IM interview with the Wired.com blog Threat Level.
GMZ agreed to the interview after being implicated by other hackers online, according to the blog.
The hacker began a dictionary attack last Sunday by using a self-authored tool which automatically tried English words, Treat Level reports. By 11 a.m. Eastern Time the next day, he was in Crystal's account, thanks to the password of "happiness."
By hacking the Twitter staffer's account, GMZ could reset passwords through the administrative panel, according to the post. Though he said he didn't personally use the hacked accounts, he did post a message to Digital gangster, a forum for hackers, offering access to the accounts by request.
"I feel it's another case of administrators not putting forth effort toward one of the most obvious and overused security flaws. I'm sure they find it difficult to admit it," wrote GMZ in the interview.
Related News:
UK cops arrest two in Zbot Trojan case - 11.19.2009
The British Metropolitan Police took two suspected cyber criminals into custody earlier this month in connection with an investigation into the Zbot banking Trojan.
Facebook shakes up privacy policy in response to criticism - 11.19.2009
After a week-long comment period in which 7,000 Facebook users voiced their opinions, the giant social media network announced that it would overhaul and simplify its privacy policy.
Domain registrar VeriSign will receive "major security update" by 2011 - 11.19.2009
A well-known security vulnerability in the way .com and .net websites process DNS values - the way alphanumeric website names are translated into numeric web addresses - will be fixed, but not until 2011, according to a report from tech news website ZDNet.
Malware attack targeting fans of Twilight series - 11.18.2009
As with many recent hot news trends, the upcoming release of the second movie based on Stephenie Meyer's Twilight books has attracted the attention not just of the vampire wannabes, but of actual cyber criminals as well.
Giant black-hat SEO campaign funnels victims to scareware sites - 11.18.2009
Security researchers say that cyber criminals have conducted a large-scale campaign to influence Google results, pushing malware-spreading sites higher on the list and dropping legitimate results to the bottom.
|
