News

Hackers Hijack Obama's, Britney's Twitter Accounts

Send spurious tweets after gaining control through Twitter's support tools

By Gregg Keizer, Computerworld

January 06, 2009 — CSO —

Hackers hijacked the Twitter accounts of more than 30 celebrities and organizations, including President-Elect Barack Obama, Britney Spears and Fox News, early on Monday, the company confirmed today.

"This morning we discovered 33 Twitter accounts had been 'hacked,' including prominent Twitter-ers like Rick Sanchez and Barack Obama," Twitter co-founder Biz Stone said in post to the company blog. "We immediately locked down the accounts and investigated the issue. Rick, Barack and others are now back in control of their accounts."

Earlier in the day, the hacked accounts had been used to send malicious messages, many of them offensive. CNN correspondent Rick Sanchez's account, for example, tweeted a message claiming that "i am high on crack right now might not be coming to work today," while Fox News' Twitter update reported "Breaking: Bill O Riley [sic] is gay," referring to the network's conservative talk show host.

According to Twitter, the accounts were hijacked using the company's own internal support tools. "These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the e-mail address associated with their Twitter account when they can't remember or get stuck," Stone admitted. "We considered this a very serious breach of security and immediately took the support tools offline. We'll put them back only when they're safe and secure."

Today's admission was only the latest security problem for Twitter. On Saturday, identity thieves launched a phishing campaign on the micro-blogging service that tried to dupe users into divulging their account usernames and passwords.

On Sunday, criminals changed their tactics to use messages about Apple's iPhone as scam bait, a security expert said Monday. "A lot of users have fallen for the first scam," said Graham Cluley, a senior technology consultant at Sophos PLC, describing the Saturday tweets. "Now [the attackers] are changing their modus operandi."

Rather than tricking people into visiting a page spoofing Twitter's sign-on screen, the second wave of tweets was essentially spam, said Cluley. The iPhone-related tweets were messages such as "hey. i won an iphone! come see how here" or " Wanna win the new iPhone? It's so easy and cool, I love this thing!" along with links to sites that ask for, among other things, the user's cell phone number.

"They may be making money as part of an affiliate scheme," said Cluley, of the second-stage Twitter spam. The criminals may be reaping revenue from ads on the sites the tweets steer users to, or by convincing people to sign up for expensive text message plans.