Application security, Threat Management

Twitter’s hacker warning has users scratching their heads

An email notification sent by Twitter late last week warning some users that they may be targeted by state-sponsored hackers elicited more confusion than concern.

Twitter emailed an undetermined number of users that stated their Twitter account is among those the microblogging site believes may be under threat by state-sponsored actors. The email, which was posted on Twitter by Coldhak – one of the potentially targeted groups, offers no evidence that there is a danger.

“At this time, we have no evidence they obtained your account information, but we're actively investigating this matter. We wish we had more we could share, but we don't have any additional information we can provide at this time,” Twitter wrote.

Twitter then goes on to say that these accounts may not have been the intended target of the suspected attack, adding that those who tweet under a pseudonym should be particularly concerned. But Twitter again gives no reason why and then proceeds to recommend users look into using the Tor Project to learn how to protect themselves.

The lack of details in the email led one recipient to call the notification unhelpful.

“My initial reaction was that the email is not terribly helpful. The email does not say what I can or should do next, only that my account "may have been" attacked. I have not seen anything suspicious activity
regarding my account, so I suspect this is not a password/two-factor auth issue,” Runa Sandvik, a privacy and security researcher, and one of those who received the note, told SCMagazine.com Monday in an email.

Sandvik had no idea who Twitter was alluding to in its email, but speculated it could have something to do with her work.

However, Cassie from @myriadmystic and co-founder Crypto Party Minnesota, who also received the missive, but did not give her last name, said she was appreciative of Twitter reaching out directly and said the message itself was fascinating if not very clear.

"I'm also curious, of course, about the information that Twitter has to make them believe these were state-sponsored attacks in some fashion," Cassie told SCMagazine.com in an email Monday.

Cassie also twisted Twitter's tail a bit saying, "I hope that Twitter suggesting Tor usage to those of us who received the notices means they may stop locking out Tor users and asking for phone numbers (which we now know are likely being targeted) in order to regain access to accounts. I'm not holding my breath for that to happen though."

According to The Guardian, the others on the receiving end of the warning are all involved in the internet security, privacy or communication fields.

Twitter's action follows that of Google and Facebook which have already announced they would inform their users if a state-sponsored actor targets their account.

Social media platforms do provide a rich hunting ground for cyber criminals due to the plethora of information the participants so willingly provide.

"There is such an abundance of personal information on social media platforms that hackers are able to use to breach common security systems such as passwords or security questions. For example, one of the most common security questions is “What is your mother's maiden name?” By simply looking at friends and followers, hackers can potentially find out the last name of your mother's father or brother and have the answer," Jonathan Klein, President of the cybersecurity firm Usher told SCMagazine.com in an email Monday.

Attempts to contact Twitter to discuss the issue were unsuccessful.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.