Security news6 January 2009
Celebrity Twitter account hacks raise serious security questions, says Sophos Break-in at accounts of Britney Spears and Barack Obama more worrying than widespread phishing scam which troubled Twitters
IT security and control firm Sophos believes that the embarrassing defacements of celebrity Twitter accounts yesterday demonstrate a worrying security problem for micro-blogging service, Twitter.
Tools that normally only Twitter’s technical support team can use to help locked-out members reset their email address were accessed by hackers, enabling them to steal control of the accounts from their rightful famous owners.
Hackers have targeted the accounts of 33 high profile users with the latest attack, including Britney Spears, American news presenter Rick Sanchez, and president-elect Barack Obama. The message walls of the affected accounts were defaced with offensive or embarrassing messages, which have now been removed by Twitter staff.
This security breach follows news that several Twitter members have recently fallen victim to a phishing attack which saw cybercriminals seize control of user accounts and use them to send spam messages throughout the Twitter community.
"This latest attack is actually much more serious than these people and organisations falling for a simple phishing attack. It appears that Twitter’s systems were potentially exposing everybody’s account to the danger of being taken over by hackers - this breach could actually have been much more serious and affected many more of Twitter's users," said Graham Cluley, senior technology consultant at Sophos. "Twitter needs to take a long hard look at its security to ensure that this never happens again, and regain the confidence of its members. This shocking start to the year for Twitter should send a stark warning to any online company holding details of its users that it needs to make certain it has proper security in place to prevent illegitimate access."
Learn more about the hacked accounts on Twitter
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
