According to a recent Symantec official blog post, more than 2,500 Twitter accounts have been hacked and taken over to send out tweets that contain sexually suggestive photos with links to adult sites.
The investigators noted that the hackers often replaced the compromised Twitter account profile photos with provocative images of women in revealing attire and steamy poses. They also altered the account's biography and full name with a random handle and a shortened URL leading to a sexually explicit site.
These accounts then send out tweets that contain sexually suggestive photos with links to websites offering free sign-ups to adult sites. The hacked accounts also randomly like tweets and follow other users in an attempt to have users check their profiles and get a follow back.
The compromised accounts even include some celebrities such as the band Chromeo, Houston Texans' Cecil Shorts III and comic Azeem Banatwala.
The investigators also recently added the verified Twitter accounts of CNN's Paula Newton, National Post's Anne Marie Owens, the Los Angeles band XO Stereo and Kristen Kennedy (WKYT Anchor) to the list of victims.
Symantec Senior Security Response Manager Satnam Narang noted that the motive behind these attacks is likely monetary. "The adult dating website linked to in this campaign incentivized people to drive traffic to their sites," he wrote. "They do this through affiliate programs that pay people for getting users to sign up."
The site reportedly gives incentives to affiliates by paying $4.00 for each new successful sign-up. This is accomplished by linking to an ad landing page, which then leads to the actual adult site. Each click-through carries an affiliate tag that identifies where the traffic is coming from.
The investigation also revealed that most of the accounts are four- to five-year-old orphaned accounts that have not been active in years. It is likely that these accounts were compromised by passwords mined from other website breaches, according to this report by SCMagazine. The attackers merely used the same acquired passwords from older breaches to gain access to the Twitter accounts.
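The pattern the report describes (an account silent for years that suddenly changes its photo, bio and name, tweets shortened links and follows or likes in bulk) is something a monitoring team can look for in account activity data. The following is an added example, not code from Symantec or Twitter: a small heuristic detector over constructed sample events. The dormancy gap, burst window, indicator count and list of shortener domains are assumptions chosen for illustration.

```python
"""Heuristic detector for the dormant-account takeover pattern.

Flags an account when a multi-year gap in activity is followed, within a short
window, by profile changes (photo/bio/name), tweets carrying shortened links,
and bulk likes/follows. All sample data is constructed; thresholds are assumptions.
"""
from collections import Counter
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

DORMANT_GAP = timedelta(days=2 * 365)   # assumption: "inactive for years"
BURST_WINDOW = timedelta(hours=48)      # assumption: takeover activity clusters quickly
SHORTENERS = ("bit.ly", "goo.gl", "tinyurl.com", "ow.ly", "t.co")  # common shorteners


@dataclass
class Event:
    account: str
    ts: datetime
    kind: str         # "tweet" | "profile_update" | "like" | "follow"
    detail: str = ""  # tweet text, or the profile field that changed


def has_shortened_link(text: str) -> bool:
    return any(dom in text.lower() for dom in SHORTENERS)


def analyze_account(events: List[Event]) -> Tuple[bool, List[str]]:
    """Return (suspicious, reasons) for one account's events."""
    evs = sorted(events, key=lambda e: e.ts)
    reasons: List[str] = []
    for i in range(1, len(evs)):
        gap = evs[i].ts - evs[i - 1].ts
        if gap < DORMANT_GAP:
            continue
        # Activity resumed after a long silence: inspect the burst that follows.
        start = evs[i].ts
        burst = [e for e in evs[i:] if e.ts - start <= BURST_WINDOW]
        kinds = Counter(e.kind for e in burst)
        changed = {e.detail for e in burst if e.kind == "profile_update"}
        link_tweets = [e for e in burst if e.kind == "tweet" and has_shortened_link(e.detail)]
        reasons.append(f"dormant for {gap.days} days before {start.date()}")
        if {"photo", "bio", "name"} & changed:
            reasons.append("profile fields changed after dormancy: " + ", ".join(sorted(changed)))
        if link_tweets:
            reasons.append(f"{len(link_tweets)} tweet(s) with shortened links")
        if kinds["like"] + kinds["follow"] >= 10:
            reasons.append(f"{kinds['like'] + kinds['follow']} likes/follows in burst")
        # Dormancy alone is normal (people come back); require two further indicators.
        if len(reasons) >= 3:
            return True, reasons
        reasons.clear()
    return False, []


def scan(events: List[Event]) -> Dict[str, List[str]]:
    """Group events per account and return the flagged accounts with reasons."""
    by_account: Dict[str, List[Event]] = {}
    for e in events:
        by_account.setdefault(e.account, []).append(e)
    flagged: Dict[str, List[str]] = {}
    for acct, evs in by_account.items():
        suspicious, reasons = analyze_account(evs)
        if suspicious:
            flagged[acct] = reasons
    return flagged


# Constructed sample timeline (fictional accounts, tweets and links).
T0 = datetime(2011, 3, 1)
SAMPLE_EVENTS = [
    # dormant_a: quiet for four years, then profile rewritten and a link tweet within minutes
    Event("dormant_a", T0, "tweet", "hello world"),
    Event("dormant_a", T0 + timedelta(days=10), "tweet", "back from the game"),
    Event("dormant_a", datetime(2015, 5, 1, 9), "profile_update", "photo"),
    Event("dormant_a", datetime(2015, 5, 1, 9, 1), "profile_update", "bio"),
    Event("dormant_a", datetime(2015, 5, 1, 9, 2), "profile_update", "name"),
    Event("dormant_a", datetime(2015, 5, 1, 9, 5), "tweet", "check this out http://bit.ly/xxxxxx"),
] + [Event("dormant_a", datetime(2015, 5, 1, 10, m), "follow", f"user{m}") for m in range(12)]
SAMPLE_EVENTS += [
    # returning_b: also dormant, but returns with ordinary tweets and no profile churn
    Event("returning_b", T0, "tweet", "first tweet"),
    Event("returning_b", datetime(2015, 5, 2), "tweet", "wow, been a while"),
    Event("returning_b", datetime(2015, 5, 2, 1), "like", "someone's post"),
    # active_c: steady activity; shortened links are normal for this account
    Event("active_c", datetime(2015, 4, 1), "tweet", "new post http://bit.ly/abc"),
    Event("active_c", datetime(2015, 4, 15), "tweet", "another http://t.co/def"),
    Event("active_c", datetime(2015, 5, 1), "profile_update", "bio"),
]

if __name__ == "__main__":
    for acct, why in scan(SAMPLE_EVENTS).items():
        print(acct, "->", "; ".join(why))
```

Only `dormant_a` is flagged: the returning user and the steadily active account each show some of the same signals (a long gap, shortened links, a bio edit) but not the combination, which is why the check requires dormancy plus two further indicators rather than any single one.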
To safeguard your account and prevent this from happening to you, here are a few vital tips you should consider:
- Always create strong user passwords. Preferably use one that has a combination of lowercase and capital letters, numbers and symbols so it is harder to gain access.
- Never re-use your passwords. Keep all your online account passwords distinct; that way, if one of your accounts gets compromised, your other accounts are not put at risk.
- Turn on Twitter's two-factor authentication called Login Verification. This texts a verification code to a mobile phone you register to authenticate your identity when logging in from a particular device.
- If possible, check your Twitter account occasionally. Look for changes to your profile or for tweets that may have been sent without your knowledge. If you do not expect to use Twitter for a long time, consider deactivating your account.
- Be careful with shortened links and links sent via email. They could be phishing scams. Always check and verify the URL of the site you are redirected to.
- Consider using a password manager app. They can generate complex passwords for you and store all your credentials, encrypted, in one convenient place.
- Scan your computer for viruses. Malware and other malicious programs may have infected your computer and are logging your credentials.
Twitter also encourages users to report any suspicions of compromised accounts. To do this, just go to the suspected Twitter profile, click on the gear icon, select "Report" then choose "Their account may be hacked." This will prompt Twitter to review the profile and the report filed against it.