

Tell HN: It might be a good time to change your twitter password. - paulgb

Something odd seems to be going on with Twitter. Accounts are posting a message that says "Today was so exciting! Made $124 in 20 minutes! if ur interested, go read: [spam link]"

http://twitter.com/#search?q=%22today%20was%20so%22

The posts started a few hours ago, stopped for a while, and just recently started again. It may be that a 3rd party service was compromised, so if you've given your Twitter credentials to another web site, it's worth the time to change your password. The volume (many thousands of accounts, including people I know who would not be inclined to sell posts) and nature of the posts seem to rule out the possibility of a paid posting service.
======
jkincaid
Here's a question I've had for a while now. It may sound naive, but I'll ask
it anyway: Given the way Twitter is set up to track current trends, shouldn't
it be really easy for them to identify when one identical tweet gets repeated
hundreds or thousands of times at once? Obviously sometimes such tweets are
legit (especially in the case of retweets) but it seems like this should be
fairly easy to flag and delete quickly.

~~~
alexfarran
They're suspending people's accounts pretty quickly if they tweet the google
cash scam.
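
The check jkincaid asks about, as an added example that is not part of the thread and not Twitter's own method: it flags a text that several distinct accounts post within a short window, ignoring retweets and differing links. The window, threshold, account names, timestamps and URLs are assumptions made up for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

URL_RE = re.compile(r"https?://\S+")

def normalize(text):
    # Fold case, whitespace and links so copies with rotating URLs compare equal.
    text = URL_RE.sub("<url>", text.lower())
    return re.sub(r"\s+", " ", text).strip()

def find_bursts(posts, window=timedelta(minutes=10), min_accounts=3):
    """posts: (timestamp, account, text) tuples sorted by timestamp.
    Returns {normalized text: accounts} for texts that at least
    min_accounts distinct accounts posted within one window."""
    recent = defaultdict(deque)          # normalized text -> (ts, account)
    flagged = defaultdict(set)
    for ts, account, text in posts:
        if text.lstrip().lower().startswith("rt @"):
            continue                     # retweets are expected to repeat
        key = normalize(text)
        seen = recent[key]
        seen.append((ts, account))
        while ts - seen[0][0] > window:  # drop entries older than the window
            seen.popleft()
        accounts = {a for _, a in seen}
        if len(accounts) >= min_accounts:
            flagged[key] |= accounts
    return dict(flagged)

# Constructed sample timeline (accounts, times and URLs are made up).
T0 = datetime(2009, 1, 1, 12, 0)
SPAM = "Today was so exciting! Made $124 in 20 minutes! if ur interested, go read: "
SAMPLE = [(T0 + timedelta(minutes=m), who, text) for m, who, text in [
    (0, "alice", SPAM + "http://example.test/a"),
    (1, "bob", "RT @news: Big game tonight"),
    (2, "carol", "RT @news: Big game tonight"),
    (2, "dave", "RT @news: Big game tonight"),
    (3, "bob", SPAM.upper() + "http://example.test/b"),
    (4, "erin", "good morning"),
    (5, "erin", "good morning"),
    (6, "erin", "good morning"),
    (7, "carol", SPAM + " http://example.test/c"),
    (30, "frank", "good morning"),
]]

if __name__ == "__main__":
    for text, accounts in find_bursts(SAMPLE).items():
        print(len(accounts), "accounts:", text)
```

Counting distinct accounts rather than raw repeats is what keeps one user repeating a phrase, or a slow trickle of a common greeting, from being flagged.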

------
matt1
The spam points to a site that says it was "As seen on MSNBC, CNN, ABC, CNBC,
and As Seen on TV"... With such credentials, how could it not be legit? Plus
it only costs $1.95 to get started!

/sarcasm

------
kitcar
I was under the impression that all the major social APIs (facebook connect,
twitter, etc...) terms of service prevent 3rd party services from storing any
data for more than 24h?

~~~
swolchok
"Thou shalt not" is not a security policy.

------
sriramk
I know of at least one person whose account has been compromised. He swears he
didn't give out his creds to any service. My guess is this is a 0-day being
exploited.

~~~
abyssknight
I remember this being discussed at Defcon. Wouldn't surprise me if someone
managed to script a JavaScript DDoS worm. It really wouldn't be too hard to
do.

------
raid5
I first saw this about a week ago, so it has been happening for some time now.

------
varenc
Could be a cross-site scripting vulnerability in Twitter, doesn't necessarily
mean that those users' passwords have been compromised... but you can never be
too safe!

~~~
lukeofman
Well, let's assume for a second that it is instead a service that got
compromised... unless you use a bad service that saves your password, they are
using auth tokens which may not necessarily stop working just because you
change your password.

------
nickfox
I would also beware of friending really cute girls that friend you first. And
here I thought they were actually interested in my mind...

~~~
ludwig
Yeah, it turns out they were only interested in my body all along...

------
il
Might just be an affiliate spamming Twitter. You should complain to the
advertiser they are running the offer with - they will get kicked off and not
paid for spamming/noncompliance.

------
omfut
Weird. I changed my Twitter password and something went crazy. I tried
starting my TweetDeck, it failed to connect for obvious reasons. It had my old
password. After this, Twitter would not allow me to log in again. Here is what
I see on the Twitter screen: Locked out! We've temporarily locked your account
after too many failed attempts to sign in. Please chillax for a few, then try
again.

~~~
oomkiller
Yeah, TweetDeck or something else that used the old password got your account
locked out. This happened to me! You can get around it by going to
<http://help.twitter.com/portal> and using the log in. It allows you to log in
even if you are locked out, and if you log in there apparently it sets up a
session or cookie that logs you into the main site. Pretty much makes the
lockout thing useless!

~~~
mp3jeep01
Seems that doesn't even work anymore...Twitter seems to be completely
dead...anyone else having trouble accessing it?

------
eli
Probably just (another) cross-site scripting exploit

