More than 2,500 Twitter accounts have been compromised, according to a recent report. The report shows that the compromised accounts were used to send out malicious tweets promoting adult dating websites and pornographic content.
The investigation, which was undertaken by Symantec, revealed that the hackers were able to make money simply by redirecting users to the malicious websites they advertised. They made the money through various partner programs. Symantec said that during its investigation it noticed that some accounts belonging to various famous people had also been compromised.
The company wrote in a blog post that during its investigation of this campaign it had found a few notable compromised accounts. One of the accounts belonged to the electro-funk band Chromeo, while another was believed to belong to an international journalist affiliated with the Telegraph. The company also said that, as part of its investigation, it noticed that Twitter accounts belonging to stand-up comedian Azeem Banatwala, Houston Texans wide receiver Cecil Shorts, and the late New York Times reporter David Carr had also been compromised.
The hackers also used different tactics to get people to look at their malicious websites. Instead of simply tweeting links to the malicious websites or sending direct messages, they liked tweets and followed other Twitter users in order to lead them to the compromised Twitter accounts.
The Symantec blog said that after users visited a compromised account, they would see tweets about free sign-up services that offered options to watch hot shows over webcam, as well as dates or sexual encounters. Each of the tweets was accompanied by a sexually suggestive photo and a link that used either Bitly or the Google URL shortener goo.gl.
If users clicked on the links, they would be sent to a middleman page, which advertised various adult dating and sex websites. After clicking on the link again, users would then be redirected to the original page that was advertised in the tweet. The investigation showed that the hackers received financial rewards with each increase in traffic to the adult websites.
The Symantec blog said the company believed the hackers earned close to $4.00 for each new user who signed up on the website after being redirected from the Twitter accounts.
The security firm advised users to avoid following suspicious-looking Twitter accounts. Such accounts would have profile pictures, biographies, and full names written in suspicious ways. Tweets on these accounts contained adult content and language, as well as discussions of various webcam sites. The accounts also showed sexual encounters. The company also said the profile picture was changed most of the time to show a woman in a sexually suggestive pose. In some cases, the compromised accounts kept the original photo, and some had the default egg avatar.
Symantec contacted Twitter and Google to give them information about the compromised accounts and also the shortened URLs involved.
As always, stay safe, and browse with a good VPN.