Twitter finds a Password-Snatching - RAT
3:50 AM // ngsk // Category: Hacking, Micro Blogging, Network intrusion, News, Security, Spamming, Twitter
Once again, microblogging sites have come under attack by spammers; this time it is Twitter's turn.
Twitter identified a sudden growth in the number of followers for a few accounts over the five-day period leading up to Tuesday. This latest attempt came through torrent file-sharing sites that contained hidden security exploits and backdoors.
Because of this, Twitter asked most of its users to reset their passwords. Del Harvey, the microblogging site's director of trust and safety, gave the reasons why Twitter is suddenly asking its users to change passwords on his blog:
"As part of our ongoing efforts to monitor our user base for odd activity, we noticed a sudden surge in followers for a couple accounts in the last five days. Given the circumstances surrounding this, we felt it was best to push out a password reset to accounts that were following these suspicious users."
According to Harvey, over the last few years a coder has been creating torrent sites that require a login and password, as well as forums set up for torrent site usage. The coder sells these to people who want to start their own download sites.
What is a Torrent?
Torrents are tiny files created for use by BitTorrent clients. BitTorrent is a peer-to-peer file-sharing protocol for transferring large amounts of data over the Internet. Torrents must first be downloaded from various Web sites, then loaded into a BitTorrent client. From there, the client will communicate with other BitTorrent applications around the Internet and download the larger target file onto the user's computer.
Now, coming to our story: for the past few months a crooked coder has been creating forums and sites. The coder waited until the forums and sites had been sold and had attracted a large number of members, then activated the security holes to get the usernames, email addresses and passwords of those members. That means the forums and sites were hacked first, which might have resulted in the spamming of Twitter using the email addresses and passwords that the crooked coder acquired by hacking those sites and forums.
According to Harvey, Twitter hasn't identified all of those forums or sites, and doing so is also impossible.
However, he issued a warning to users: "As a general rule, if you've signed up for a torrent forum or torrent site built by a third party, you should probably change your password there," he wrote.
The root cause of this hacking problem might be the common tendency of people to use the same username and password for multiple sites. For example, a survey conducted by Trusteer found that 73 percent of people use their online banking passwords with at least one non-financial Web site, and 47 percent of users share both their online banking user ID and password with at least one non-financial Web site.
From TechNewsWorld
Prefab Sites Could be Dangerous
The attack on Twitter points to another problem that might become endemic soon: the increasing use of pre-built applications and sites by people who want to make money online.
"A lot of entrepreneurs are looking to make their fortune on the Web but may not have the technical knowhow or the time and patience to build their own sites or applications," Graham Cluley, senior technology consultant at Sophos, told TechNewsWorld. "They are likely to acquire a prefabricated Web site, whether it be for searching torrents, online dating or a message forum."
That problem might become worse over time. "Why should people have to build their own Web sites rather than acquiring the pieces and simply giving them a paint job?" Cluley asked. "Imagine if we all had to build our own television sets or cars instead of buying them."
Companies offering online services need to think about ways to further improve security, Qualys' Kandek said. "Twitter could argue that this latest attack has nothing to do with it and, strictly speaking, it would be right," he pointed out. "But in terms of the Internet ecosystem, security is a real problem we all need to work to solve."
One solution to this problem could be for companies that provide services to use two-factor authentication. This combines something a user knows, such as a username and password, and something the user has, such as a token or mobile phone.
2008 Content in Info Blog is licensed under Creative Commons License | Primary Designed by Simplex Design | Powered by Blogger.com