The Twitter accounts of more than 2,500 users, including some with many followers, have been hacked in two weeks. Pornbots took over the affected accounts and used them to tweet sexual content and links to adult dating websites.
Pornbots Hack More Than 2,500 Twitter Accounts With Sexual Content
According to Symantec, more than 2,500 Twitter accounts have been hacked, and the targeted accounts tweeted links to adult dating websites and websites with sexual content. The hackers also changed users' profile pictures and details, including their full names, to further promote the adult sites.
According to Symantec, the attack was run as a business: the hackers are believed to have earned $4.0 through affiliate programs for every user who signed up via a link posted by the pornbot.
“During our investigation into this campaign, we found a few notable compromised Twitter accounts belonging to electrofunk band Chromeo as well as an international journalist from The Telegraph. In addition to our investigation, recent reports found that the Twitter accounts of stand-up comedian Azeem Banatwala, Houston Texans wide receiver Cecil Shorts III, and the late New York Times reporter David Carr were also compromised,” stated Symantec.
Surprisingly, the attackers adopted a new strategy. Rather than tweeting at or sending direct messages to other users, the hackers used the targeted accounts to like tweets and follow other users, expecting that those users would be puzzled enough to click through to the targeted profiles.
“If a user visits the compromised profile, they will see tweets that claim to offer free sign-ups to watch “hot shows” over webcam, or dates and sexual encounters. Each of these tweets includes sexually suggestive photos and shortened links using either Bitly or Google’s URL shortener, goo.gl,” the blog further stated.
On clicking the links, users are redirected to a landing page, that is, a website with adult or sexual content. If the user then clicks a link on the landing page, he/she is redirected to the advertiser's original site.
Attacks like this mainly have one objective: driving more traffic to the hackers' sites. The investigators said the same about this Twitter attack.
“They do this through affiliate programs that pay people for getting users to sign up. Based on our research, we believe the affiliate involved in the Twitter account compromises would earn US$4.00 for each person who signs up for the website,” said Symantec’s blog.
“The original profile photo is often changed to a photograph of a woman, typically in a suggestive pose or wearing lingerie/swimwear. However, some compromised accounts maintain the original profile photo or, in some cases, use the default “egg” avatar associated with new Twitter accounts.”
Symantec also highlighted some steps that users should follow to protect their Twitter accounts from such attacks. The methods the security firm listed are:
- Create a strong and unique password: It is likely that many of the compromised accounts used weak passwords or re-used passwords on other services.
- Use a password manager: If you want to create and securely store your passwords, we suggest using a password manager. While there are plenty to choose from (LastPass, 1Password, Dashlane, KeePass, Password Safe, Norton Identity Safe), we suggest you use one that best meets your needs and your budget.
- Consider enabling Twitter’s Login Verification: Instead of relying on just a password, Login Verification requires you to enter a code that is sent to your mobile phone. This adds an extra layer of security and helps prevent unauthorized access to your account. Just be sure to securely store your backup code in case you lose your mobile phone.