2500 Twitter accounts hacked to spam sexual content, more to follow say researchers

Hackers often rely on unusual tricks to get things done, and on this occasion they opted not to tweet or directly message other users. Instead, they used the compromised accounts simply to like tweets and follow other users, on the assumption that those users would be curious enough to click through to the compromised profile and take a look.

As a result of this calculated approach, several users were met with tweets claiming to offer free sign-ups to sexually oriented content, with shortened links that eventually led to the full site via an intermediate landing page. According to Symantec's findings, almost three-quarters of the compromised accounts were created at least four years ago.

According to Infosecurity, Chris Boyd, malware intelligence analyst at Malwarebytes, said attacks on social media accounts have become a daily occurrence, with countless incidents striking the microblogging website Twitter.

“While the bulk of these peddle diet spam, many redirect to malware and PUPs, and these tactics rely on exploiting the trust of links from associates. Many social media accounts offer a wide range of security settings, from two-factor authentication to allowing SSL (assuming it isn’t enabled by default). One of the biggest causes of spam on social media is when a service is connected to another: the moment the connected service is compromised, it potentially allows posting to the non-compromised platform from the hijacked account.”

Boyd strongly advised that social media users immediately disable connections to services they no longer use, on the understanding that such services present a security risk. Additionally, using a reputable anti-malware program will go a long way toward removing unwanted items from their machines' storage.