Twitter spam campaign linked to Gawker breach

A massive spam campaign that rapidly spread on Twitter has been linked to a data breach at online media company Gawker.

On Sunday, Gawker disclosed that its servers were compromised by hackers who stole the email addresses and passwords of readers registered on its properties, including Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot.

A hacking group, Gnosis, has taken responsibility for the intrusion, the company said.

As many as 1.3 million account records are believed to have been stolen from Gawker's servers and posted on the download site Pirate Bay, allowing others to compromise user accounts, Graham Cluley, senior security researcher at anti-virus firm Sophos, wrote in a blog post Monday.

Moreover, the Gawker breach is being linked to a massive spam campaign that has spread on Twitter.

As of Monday, hundreds of thousands of Twitter accounts were compromised to spread bogus tweets promoting the so-called Acai berry diet. The fake messages appear to have been posted from Twitter accounts of individuals that used the same password for both Gawker and Twitter, Del Harvey, Twitter's director of trust and safety, said in a tweet early Monday.

Some of the messages on Twitter read, “I lost 9lbs using acai! RT This!” and included a link that appeared to use the domain name “acainews.” Clicking the link brought users to a page selling a weight loss pill that supposedly contains Acai berry.

The spam outbreak on Twitter underscores the importance of using different passwords for various online accounts.

“Not enough computer users have woken up to the danger of using the same password on different websites,” Cluley wrote. “Doing that means that if one site gets hacked (as in the Gawker case) then you might also be handing over the keys to other websites.”

In a Sophos survey, one-third of users said they regularly use the same password for multiple websites. The online survey of 676 respondents, conducted March 2009, also found that 48 percent of respondents use a few different passwords, but just 19 percent said they never use the same password for multiple sites.

Gawker has urged registered Gawker Media users to change their passwords immediately. Those who used the same password for any other website should also change the password on that account.
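The mechanism behind the Twitter outbreak, and the response the article recommends, can be shown in a few lines. The following is an added example, not code from the article or from Gawker, Twitter or Sophos: it models two sites that each store per-record salted PBKDF2 hashes, a constructed leak of plaintext credentials from one site, and the check the second site can run to find which of its own users reused the leaked password and must be reset. All emails and passwords in it are constructed sample data, and the iteration count is an assumption.

```python
"""Added example (not part of the article): why password reuse lets one
site's leak open accounts elsewhere, and the defender-side check a second
site can run when another site's credentials leak."""

import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

ITERATIONS = 100_000  # PBKDF2 work factor (assumption; tune to your hardware)


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, PBKDF2-HMAC-SHA256 digest). A fresh random salt per
    record means the same password hashes differently on every site, so a
    leaked hash from one site cannot be matched against another by lookup."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Constant-time comparison of a candidate password against a stored record."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)


# Constructed sample data. SITE_B_USERS stands in for what a site like
# Twitter holds; LEAKED_FROM_SITE_A stands in for the dumped Gawker records.
SITE_B_USERS: Dict[str, Tuple[bytes, bytes]] = {
    "alice@example.com": hash_password("correct horse battery"),  # reused on both sites
    "bob@example.com": hash_password("unique-password-for-b"),    # distinct per site
    "carol@example.com": hash_password("winter2010"),             # reused on both sites
}

LEAKED_FROM_SITE_A: Dict[str, str] = {
    "alice@example.com": "correct horse battery",
    "bob@example.com": "bob-site-a-password",
    "carol@example.com": "winter2010",
    "dave@example.com": "not-a-user-on-site-b",
}


def accounts_to_reset(leak: Dict[str, str], users: Dict[str, Tuple[bytes, bytes]]) -> List[str]:
    """Breach response on the second site: for each leaked email that is also
    a local account, verify the leaked plaintext against the local hash.
    The matches are exactly the users whose reused password is now public
    and whose accounts should be force-reset."""
    hits = []
    for email, leaked_pw in leak.items():
        record = users.get(email)
        if record is None:
            continue  # not a user here; nothing to do
        salt, digest = record
        if verify_password(leaked_pw, salt, digest):
            hits.append(email)
    return sorted(hits)


def same_password_different_digests(password: str) -> bool:
    """Show that per-record salting yields distinct digests for one password,
    which is why the check above must verify plaintexts, not compare hashes."""
    _, d1 = hash_password(password)
    _, d2 = hash_password(password)
    return d1 != d2


if __name__ == "__main__":
    print("force reset:", accounts_to_reset(LEAKED_FROM_SITE_A, SITE_B_USERS))
```

Salting is what makes the cross-site check require the leaked plaintext: two sites holding the same password hold different digests, so a site can only discover reuse by verifying each leaked plaintext against its own records, which is why a site cannot protect users from a third party's breach in advance and why per-site passwords matter.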

The media company said it is notifying affected individuals. In addition, the company is contracting with an independent firm to improve its security posture and ensure a similar incident does not occur in the future.

“We understand how important trust is on the internet, and we're deeply sorry for and embarrassed about this breach of security — and of trust,” Gawker wrote.
