File-sharing Scam Targets Twitter Agian | General Discussion Topics | Forum


Please consider registering

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —

— Match —

— Forum Options —

Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
File-sharing Scam Targets Twitter Agian
February 3, 2010
10:10 pm

Anyone gotta "Twitter" account...................better check it out !

File-sharing scam targets Twitter
Twitter has identified a scheme that uses compromised file-sharing sites to steal the log on information of users.

The service said it had discovered a number of compromised "torrent" sites that had been set up specifically to skim usernames and passwords.

Torrent sites acts as indexes of links to TV, film and music files.

Scammers were then able to use the data to gain access to Twitter and other sites because many people use the same logon for multiple services.

The firm has reset the accounts of affected users, it said.

"The takeaway from this is that people are continuing to use the same email address and password (or a variant) on multiple sites," the firm said in a blog post.

"We strongly suggest that you use different passwords for each service you sign up for."

The conclusion is echoed by security researchers who say it is a particular problem for banking websites.

A survey of millions of people conducted by the security firm Trusteer, suggests that 73% of people share the passwords which they use for online banking, with at least one nonfinancial website.

Around 47% of users share both their user ID and password with at least one nonfinancial website, it found.

"Consumers are not aware, or are choosing to ignore, the security implications of reusing their banking credentials on multiple websites," said Amit Klein of the firm.

'Riskiest network'

Twitter said that it had discovered the scam after seeing unusual activity on the site.

After "doing some digging" the firm found a network of compromised torrent sites that had been set up with the sole aim of stealing logon information.

"It appears that for a number of years, a person has been creating torrent sites that require a login and password as well as creating forums set up for torrent site usage and then selling these purportedly well-crafted sites and forums to other people innocently looking to start a download site of their very own," said the firm.

The sites also contained security exploits allowing the person to steal usernames and passwords.

"This person then waited for the forums and sites to get popular and then used those exploits to get access to the username, e-mail address, and password of every person who had signed up."

Twitter said that it hadn't identified all of the affected torrent sites but had reset the passwords of compromised accounts.

The information comes as security firm Sophos launched its annual report.

One of its findings that spam and attacks on social networks - such as Twitter and Facebook - had risen 70% in the last year.

Facebook was branded the "riskiest" network, although the firm also pointed out that it was also the largest and would therefore attract the most attention form cybercriminals.

Not good guys & girls


Forum Timezone: America/Los_Angeles

Most Users Ever Online: 288

Currently Online:
43 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

greeney2: 10297

bionic: 9870

Lashmar: 5289

tigger: 4576

rath: 4297

DIss0n80r: 4161

sandra: 3858

frrostedman: 3815

Wing-Zero: 3278

Tairaa: 2842

Member Stats:

Guest Posters: 2

Members: 24775

Moderators: 0

Admins: 2

Forum Stats:

Groups: 8

Forums: 31

Topics: 9076

Posts: 124330

Newest Members:

omep80, exam online, Patrick Shaw, JaSuRiAiLa, James, wow72, leonahunt, Sadysto, saichon, Crystal

Administrators: John Greenewald: 637, blackvault: 1776