Twitter flooded with malicious tweets from compromised accounts

Over the last 24 hours or so, Twitter has been flooded with spam tweets from compromised accounts, which appear to be coming from third-party apps and services.

It has been observed that social media spam has been replacing email spam in recent times, and now Twitter has apparently been hit yet again by a sizeable wave of such spam tweets. According to Ars Technica, the tweets initially seemed to be coming from accounts linked to the social image sharing site weheartit.com. Later on, however, the same tweets started appearing from "Twitter for iPhone", which isn't necessarily a reliable indicator, as the source can be easily spoofed.

Weheartit.com's president responded to Ars in an email saying, "We are definitely seeing some malicious activity which we have now blocked and are investigating further. Unfortunately I don't have any other information I can share at this point." The company has since disabled Twitter logins and sharing to prevent further spam.

All the tweets observed by Twitter users contain the same message, "If I didn't try this my life wouldn't have changed", followed by a shortened URL. It is yet to be determined whether the spam URL links to spyware, but users are advised not to click on these links regardless. Users whose accounts have been compromised should revoke access to the third-party services linked to their accounts and change their passwords to prevent further spam.
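A defender watching a timeline or log export can spot this kind of wave by clustering on the message text rather than on the client label, since the label can be spoofed. The sketch below is an added example, not code from the article or from Twitter; the record layout, the `min_accounts` threshold, the client labels and the `short.example` URLs are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample records (account, client "source" label, text); not real tweets.
SAMPLE_TWEETS = [
    ("alice", "We Heart It", "If I didn't try this my life wouldn't have changed http://short.example/a1"),
    ("bob", "We Heart It", "If I didn't try this my life wouldn't have changed http://short.example/b2"),
    ("carol", "Twitter for iPhone", "If I didn't try this my life wouldn't have changed  http://short.example/c3"),
    ("dave", "Twitter for iPhone", "IF I DIDN'T TRY THIS my life wouldn't have changed http://short.example/d4"),
    ("erin", "Twitter Web Client", "Lunch was great today"),
    ("frank", "Twitter for iPhone", "Read this: http://short.example/zz"),
    ("alice", "We Heart It", "If I didn't try this my life wouldn't have changed http://short.example/a9"),
]

URL_RE = re.compile(r"https?://\S+")

def normalize(text):
    """Replace every URL with a token, lowercase, and collapse whitespace,
    so per-account short links and spacing changes do not split a cluster."""
    text = URL_RE.sub("<url>", text)
    return " ".join(text.lower().split())

def find_campaigns(tweets, min_accounts=3):
    """Return message templates that carry a link and were posted by at least
    min_accounts distinct accounts. The client label is reported for triage
    but never used as the clustering key, because it can be spoofed."""
    clusters = defaultdict(lambda: {"accounts": set(), "sources": set()})
    for account, source, text in tweets:
        if not URL_RE.search(text):
            continue  # the wave described above always carries a link
        cluster = clusters[normalize(text)]
        cluster["accounts"].add(account)
        cluster["sources"].add(source)
    return {
        template: {"accounts": sorted(c["accounts"]), "sources": sorted(c["sources"])}
        for template, c in clusters.items()
        if len(c["accounts"]) >= min_accounts
    }

if __name__ == "__main__":
    for template, info in find_campaigns(SAMPLE_TWEETS).items():
        print(template, info)
```

The accounts in a flagged cluster are the ones whose third-party app authorisations and passwords need review.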

Source: Ars Technica | Computer Spam Image via Shutterstock, lower image via Ars Technica 


24 Comments


The USA must be the world's spam-central. I had more crap from there than anywhere else, mainly at work so I've blocked any emails with the .us domain.

IMO, anyone using Twitter or Facebook is asking to be compromised themselves and what better targets could you ask for than those huge sites?!

With the stuff I see posted on Facebook on other people's computers, I always have to ask myself if this is what life has become, especially when I see people who can't set their phones down for 5 minutes without acting like they're going through withdrawals! Some of the dumbest s**t imaginable!

I've offered people as much as $20 to set their phones down for 5 minutes and had them INSTANTLY decline the offer! I know $20 isn't that much, but for 5 minutes? That would equate to $240/hr!! Some people are just as stupid as the stuff they post!! :)

I'm certainly seeing a knock-on effect from this - I was unable to access the Twitter website for several minutes last night (no "blue whale" or "something went wrong" message, just stuck on "Connecting..." for several minutes).

In addition, this issue also seems to be causing a significant delay in the sending of activation confirmation emails when you open a Twitter account. I opened one over 24 hours ago, and have yet to receive the confirmation email (despite clicking the "Resend Confirmation" link a number of times). Other Twitter users appear to be experiencing the same problem too over the past day or so.

Steven P. said,
That's the issue with shortened URLs, half the time that's what's used in Twitter.

That's why link shortening services should display a page after you click, showing you what the link will be with either a countdown, or a "Continue" link.

jren207 said,

That's why link shortening services should display a page after you click, showing you what the link will be with either a countdown, or a "Continue" link.

I prefer hovering over a link with a website snapshot preview. I wish all providers did this for their links.

shozilla said,
I prefer hovering over a link with a website snapshot preview. I wish all providers did this for their links.

No matter what, there are ways to get around this. A website can return custom content just for bots but redirect for regular users (or even use a script to change the URL after 2 seconds or something), change the page contents after 2 seconds with a script, or a site can change its contents 5 minutes after first creating the short link (they can't take screenshots every five minutes for every link ever created).

Our world online is never going to be safe. You're always going to have to keep yourself in check with good security practices and we're never going to wipe out every exploit because the Internet keeps growing, and new code is where exploits are born. And, we're going to continue to be tricked, and fix those things one at a time. That's just how things are.

Personally, I treat shorturls the same as unknown attachments in email.

If it's something that I find intriguing I'll use an unshortener.

Nothing too crazy, just some fake Womenshealth magazine, I guess some idiot subscribed and did whatever the site asked ;P

_YOLO_ said,
Can someone try to go to that link? I wanna see what's in it

For someone named YOLO you surely aren't living on the edge by not following the link...

SledgeNZ said,

For someone named YOLO you surely aren't living on the edge by not following the link...


Well, I wanted to... but Dad might not be happy (if it happens to be a virus, a p0urn site, or both)