Twitter Accounts Hijacked after Mauritania Hacker Leaked Database
Cyber-crooks started to exploit the database recently leaked by a Mauritania hacker and filled with juicy Twitter details. Several HotForSecurity readers saw their accounts compromised and pushing spammy content without knowing it.
The Islamist hacker from Mauritania leaked more than 15,000 account details last week on a file-sharing service. Soon after, users complained their Twitter account had been hijacked.
“Twitter believes that your account may have been compromised by a website or service not associated with Twitter,” the platform’s representatives said. “We’ve reset your password to prevent others from accessing your account.”
The user created a new password for his Twitter account with a combination of letters, numbers, and symbols. He also enabled two-factor authentication.
Here are some tips and tricks from Twitter to prevent hacking and abuse:
• Always check that your browser’s address bar is on a https:// website before entering your password. Cyber-criminals create hundreds of phishing web sites a day that look just like Twitter, so check the URL before entering your login information.
• Avoid using websites or services that promise to get you lots of followers. These sites have been known to send spam updates and damage user accounts.
• Review your approved connections on your Applications page at https://twitter.com/settings/applications. If you see any applications that you don’t recognize, click the Revoke Access button.
Besides user IDs, the details leaked by the Mauritania hacker included OAuth tokens, so Twitter users are also advised to revoke and re-establish access to third-party apps. The hacker told Techworm that he has access to the “entire database of users on Twitter.”
Similar recent news focused on a critical Pinterest vulnerability that exposed 70 million user accounts. The bug was discovered by an independent security researcher and may have allowed cyber-criminals to view personal details of all Pinterest users.
To secure your social media accounts, remember to check our ultimate security guide.