
Twitter hit by new phishing attack

Users urged to relinquish passwords

Micro-blogging service Twitter has been hit by another phishing attack in the form of website TwitterCut.

Some Twitter users have reported that they received a message from people they follow urging them to visit TwitterCut and linking to the website. The message implied they could gain more Twitter contacts by following the link.

At one time TwitterCut looked quite similar to the real Twitter login page, said Mikko Hypponen, chief research officer for the security vendor F-Secure.

If a person entered their login details, TwitterCut would then send the same message via Twitter to all of the victim's contacts, a kind of phishing attack with worm-like characteristics. No malicious software is installed on a user's machine, Hypponen said.

Although TwitterCut probably holds the login details for many accounts, it doesn't appear those accounts have been used to spam out links to more dangerous websites.

TwitterCut has been reported to services that blacklist potentially harmful sites, although it is still active. In a warning message now on TwitterCut, the site's operators said they didn't mean to phish people.

Instead, they say they were trying to create a so-called Twitter Train, a type of site that purports to quickly give Twitter users lots of followers. They said they bought the login script on their site for $50 (£31).

"We were not phishing Twitter accounts whatsoever," the message said. "We're shutting down this site."

Hypponen said Twitter should be on the lookout for signs of spam, such as an identical message that appears hundreds and hundreds of times across users' profiles and isn't a 'retweet', the intentional reposting of other content.

Twitter could also screen URLs to make sure they're not already blacklisted for security issues, Hypponen said. Many browsers as well as search engines will either warn about or block suspicious websites.

Most URLs posted in Twitter have been shortened using services such as TinyURL in order to fit in the 140-character message length that Twitter imposes, obscuring the real destination and making users dependent on the trustworthiness of their friends when clicking links. The service was hit by other worms earlier in the year.
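The two checks Hypponen describes, identical non-retweet messages spread across many accounts and links whose real destination is already blacklisted, can be sketched as follows. This is an added example, not code from Twitter or F-Secure; the hosts, the shortener lookup table, the sample messages and the sender threshold are all constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

# Constructed data: blocklisted hosts and an offline stand-in for resolving short links.
BLOCKLIST = {"phish.example"}
SHORTENER_MAP = {"http://short.example/a1": "http://phish.example/login"}
URL_RE = re.compile(r"https?://\S+")

def is_retweet(text):
    """Treat the conventional 'RT @user' prefix as an intentional repost."""
    return text.lstrip().upper().startswith("RT @")

def normalize(text):
    """Lower-case and collapse whitespace so trivially varied copies compare equal."""
    return " ".join(text.lower().split())

def blocked_urls(text):
    """Return URLs in text whose final destination host is on the blocklist."""
    hits = []
    for url in URL_RE.findall(text):
        url = url.rstrip(".,!?)")                 # drop trailing punctuation
        final = SHORTENER_MAP.get(url, url)       # expand the short link if known
        if urlparse(final).hostname in BLOCKLIST:
            hits.append(url)
    return hits

def find_spam(messages, min_senders=3):
    """messages: iterable of (sender, text). Flag a message when many distinct
    accounts post the same non-retweet text, or when it links to a blocked host."""
    groups = defaultdict(lambda: {"senders": set(), "text": None})
    for sender, text in messages:
        if is_retweet(text):
            continue
        group = groups[normalize(text)]
        group["senders"].add(sender)
        group["text"] = group["text"] or text     # keep first original for URL checks
    report = {}
    for key, group in groups.items():
        blocked = blocked_urls(group["text"])
        if len(group["senders"]) >= min_senders or blocked:
            report[key] = {"senders": len(group["senders"]), "blocked": blocked}
    return report

SAMPLE = [  # constructed messages
    ("alice", "Get more followers fast! http://short.example/a1"),
    ("bob", "get more followers  fast! http://short.example/a1"),
    ("carol", "Get more followers fast! http://short.example/a1"),
    ("dave", "RT @alice Get more followers fast! http://short.example/a1"),
    ("erin", "Lunch photos http://photos.example/p/9"),
]
```

Expanding the short link before the blocklist lookup is what catches the destination that the shortener hides; a production system would resolve redirects itself rather than use a static table.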

Twitter has acknowledged the phishing problem.

"We are currently pushing a password reset on accounts we believe may have been caught in a phishing scam," the company said. "Please exercise your best judgment when thinking about releasing your username and password to third parties."

