Breach, Data Security, Network Security, Threat Management, Vulnerability Management

Twitter spam campaign linked to Gawker breach

A massive spam campaign that rapidly spread on Twitter has been linked to a data breach at online media company Gawker.

On Sunday, Gawker disclosed that its servers were compromised by hackers to steal readers' emails and passwords belonging to its properties, including Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot.

A hacking group, Gnosis, has taken responsibility for the intrusion, the company said.

As many as 1.3 million accounts details are believed to have been stolen by from Gawker's servers and posted on download site Pirate Bay, allowing others to compromise user accounts, Graham Cluley, senior security researcher at anti-virus firm Sophos, wrote in a blog post Monday.

Moreover, the Gawker breach is being linked to a massive spam campaign that has spread on Twitter.

As of Monday, hundreds of thousands of Twitter accounts were compromised to spread bogus tweets promoting the so-called Acai berry diet. The fake messages appear to have been posted from Twitter accounts of individuals that used the same password for both Gawker and Twitter, Del Harvey, Twitter's director of trust and safety, said in a tweet early Monday.

Some of the messages on Twitter read, “I lost 9lbs using acai! RT This!” and included a link that appeared to use the domain name “acainews.” Clicking the link brought users to a page selling a weight loss pill that supposedly contains Acai berry.

The spam outbreak on Twitter underscores the importance of using different passwords for various online accounts.

“Not enough computer users have woken up to the danger of using the same password on different websites,” Cluley wrote. “Doing that means that if one site gets hacked (as in the Gawker case) then you might also be handing over the keys to other websites.”

In a Sophos survey, one-third of users said they regularly use the same password for multiple websites. The online survey of 676 respondents, conducted March 2009, also found that 48 percent of respondents use a few different passwords, but just 19 percent said they never use the same password for multiple sites.

Gawker has urged registered Gawker Media users to change their passwords immediately. Those who used the same password for any other website should also change the password on that account.

The media company said it is notifying affected individuals. In addition, the company is contracting with an independent firm to improve its secure posture and ensure a similar incident does not occur in the future.

“We understand how important trust is on the internet, and we're deeply sorry for and embarrassed about this breach of security — and of trust,” Gawker wrote.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.