Twitter account hack warning

Warning: attackers are trying to hijack your Twitter account

Last night I learned about an attack targeting Twitter users. The attackers have a simple goal: they want to hack your Twitter account.

The first step is a Direct Message (DM) or e-mail coming from one of your followers. Attackers have used messages like these:

  • Hey this person is threatening to expose something really serious and bad about you…(some link)
  • This person is threatening to expose something bad about you…(some link)

This is a nasty trick, especially when the sender is someone you know and trust. If you receive a suspicious DM or email from a person you know and trust, just warn him/her: the account is most likely hijacked and controlled by the attackers.

If you click the link, you will be redirected to a phishing website like this:

[Screenshot: Twitter phishing site]

Be careful not to enter your username, email address and password on sites like this. Check the address bar carefully: twitller.com - one letter makes a big difference. Make sure you are on twitter.com before logging in. Please read the Twitter Help Center article: Keeping your account secure.

Just in case: below is a screen-shot of the real login page.

[Screenshot: the real Twitter login page]

What can happen if your account is compromised?

  • Your account may start tweeting spam (recent example: diet spam)
  • Your account will send similar DMs to your followers to lure victims
  • You might lose access to your account in case the attackers change your password
  • Attackers will try to hijack your other accounts such as e-mail, Facebook, Pinterest… They will most likely succeed if you use the same password on all services.
  • Etc.

If your account is hacked, read the Twitter Help Center instructions: My account has been compromised.

Further warnings

This phishing site is not the only one and there will be new ones. I believe that the attackers have similar sites for all popular social media services. Attackers can use all kinds of tricks in order to hijack your account(s), including malware. Be careful with suspicious links and double-check the website address before entering your credentials.

Please spread this message. Too many accounts have been compromised already. You can find many frustrated people tweeting for help on Twitter.

Guys I’m so sorry if you got spam from me! I was hacked. Please disregard any dm’s from me!

@twitter Need some support help. Looks like my account has been hacked. Who can I email?

Update 16-July

Here is the Web Of Trust (WOT) entry about this phishing site, including links to PhishTank.

There seem to be quite a few similar sites: tcwitter.com (blocked), tvvytter.com (offline), twitteril.com (offline), twlilter.com (offline).

Blocking update 19-July:

Some phishing links are blocked by the popular browsers.

Unfortunately, only a handful of phishing links are blocked. The site always shows a fake login page with the following format: twitller(.)com/<insert 6-7 characters>/. Blocking individual links is pointless. The whole domain should be blocked or taken down.

[Screenshot: Chrome block]

Update 25-July: new phishing site spotted

Twitller.com is no longer active. Today I spotted a new phishing site that seems to be a copy of the old one: itwitier.com. The attack scheme is the same: the user receives a DM that contains a link to the phishing site.

[Screenshot: itwitier phishing site]

The current VirusTotal detection ratio of this site is only 4/39.
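The domains named in this post are all one or two typos away from twitter.com, and every path under them serves the fake login page, so a filter should judge the domain rather than the individual link. The following is an added example, not part of the original post: a defender-side check that flags such lookalike domains by edit distance. The threshold, the "vv" to "w" normalization, the two-label domain shortcut and the sample paths are assumptions made for this illustration.

```python
from urllib.parse import urlsplit

BRAND = "twitter"                # first label of the real domain, twitter.com
LEGIT_DOMAINS = {"twitter.com"}
MAX_DISTANCE = 2                 # assumption: tuned to the domains named in this post

# Domains copied from the post; the paths used with them below are constructed.
PAGE_DOMAINS = ["twitller.com", "tcwitter.com", "tvvytter.com",
                "twitteril.com", "twlilter.com", "itwitier.com"]

def edit_distance(a, b):
    """Levenshtein distance (insert, delete, substitute), computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]

def base_domain(url):
    """Last two labels of the host. Assumption: enough for .com names;
    a production filter would consult the Public Suffix List."""
    url = url.replace("(.)", ".")          # accept the defanged form used in the post
    if "://" not in url:
        url = "//" + url.lstrip("/")       # let urlsplit see a host without a scheme
    host = (urlsplit(url).hostname or "").rstrip(".")
    return ".".join(host.split(".")[-2:])

def classify(url):
    """Return 'legit', 'lookalike' or 'unrelated' for the URL's domain.
    The path is ignored on purpose: the verdict covers the whole domain."""
    domain = base_domain(url)
    if domain in LEGIT_DOMAINS:
        return "legit"
    label = domain.split(".")[0].replace("vv", "w")   # "vv" imitates "w"
    if edit_distance(label, BRAND) <= MAX_DISTANCE:
        return "lookalike"
    return "unrelated"

if __name__ == "__main__":
    for d in PAGE_DOMAINS:
        print(d, classify(f"http://{d}/abc123/"))     # constructed path
    print("twitter.com", classify("https://twitter.com/login"))
```

Because the path never enters the decision, a new random 6-7 character link on the same domain gets the same verdict as the first one.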

Other articles about this topic:

Twitter Users Warned of “This Person Is Threatening to Expose You” Phishing Scams – by Softpedia

Beware of Fraudulent Sites, phishing for Twitter accounts by The Hacker News (THN)

Latest phish trawl: Your Twitter friend may not really be your friend by The Register

Please keep spreading this warning.

7 thoughts on “Twitter account hack warning”

  5. I seldom create responses, but I did some searching and wound up here: janne.is | Twitter account hack warning. And I do have a couple of questions for you if it’s all right. Is it only me or does it look like some of the remarks look like coming from brain dead individuals? :-P And, if you are writing on other places, I would like to keep up with everything new you have to post. Could you list all of your community sites like your twitter feed, Facebook page or linkedin profile?

  6. I had no idea Twitter is so vulnerable. I mean, it turned out you can get hacked so easily. Once, a long long time ago, I received a message like the one you describe in the beginning. The text was like "I can’t believe you could do such a thing, this is disgusting" or something like that, and the DM was from one of my school mates, so I followed the link (it was short so I couldn’t see the domain it was leading to) and it turned out it was a page of ChaCha resource and of course the link wasn’t related to me.
    How do you think, when we use services like http://www.justunfollow.com that integrate with our accounts or desktop twitter messengers like this one http://softwarepuppy.com/review/TweetDeck.html do our accounts become easily hacked? Thanks a lot for your reply in advance!
