Your twitter account has been hacked? How to fix this (and avoid it happening again)

Justin   |   3 Comments » Posted on July 01, 2012

My Twitter account was “hacked” a number of months back, and the accounts of a number of people I follow have been hacked on a fairly regular basis since. This is unfortunately a regular occurrence and spammers are increasing their efforts to get access to people’s accounts to spam their followers.

How do you know if someone you are following has been “hacked”? 

You will in all likelihood get a direct message from someone you follow which will be a generic message (but interesting or tempting one) which will have an embedded link to a site. Links these days are mostly shortened so you won’t immediately be able to see the final destination site. Clicking on it could be compromising your account and / or delivering up malware to your PC which your Antivirus software may or may not detect. So avoid clicking these.

Common messages that are coming up recently as direct messages include :

  • Twitter might start to charge in July, sign this petition to keep the service free! (link removed)
  • Hi, this user is saying really bad rumors about you … (link removed)
  • Hi some person is saying really bad things about you … (link removed)
  • Hi somebody is posting horrible rumors about you … (link removed)
  • Hey someone is saying nasty things about you… (link removed)
  • Various messages about weight loss or other obvious spam

How do you know if you have been “hacked”?

Your followers will send you messages pretty quickly to tell you, or they will be asking you why you are sending them strange messages (like the ones above). Don’t ignore these or react negatively, thank them for the warning and get on with fixing the problem before more of you followers are spammed and / or compromised.

What to do when you have been “hacked” ?

  1. Change your password.
    • Choose something decent, not a real language word, chuck in some numbers or special characters, and don’t think you are smart by using l33t sp3@k (leet speak).
    • Ra35!!me would be good, whereas P@ssw0rd would be bad.
  2.   Check to see what applications are “authorised” against your account. This can be used to keep sending SPAM even after you have changed your password.
    • Log in to your Twitter account on the web and open up your account settings.
    • Click on the Apps tab in the left-hand menu.
    • Read down through the list of applications to see that you know about them and trust them
    • If unsure of an application, revoke its access. You can always approve it again later.
  3. Check that if you associated your mobile number with your twitter account you have set up a PIN
    • Log in to your Twitter account on the web and open up your account settings.
    • Click on the Mobile tab in the left-hand menu.
    • Choose a PIN if you don’t have one (mix of 4 numbers and letters)
    • Go to the bottom of the page and click Save changes.
    • If your PIN is OK you will see a confirmation message.
  4. Apologise to your followers. Send them here if they have been “hacked”. Shortlink : http://j-j.co.za/twithack
  5. Be vigilant

 How did you get hacked?

You may have clicked on one of the direct message links as per the examples above, or you may have received an interesting tweet or link to :

  • Sign a petition to stop twitter becoming a pay service
  • Save the Rhino, the Dolphins or the World
  • Anything else that looked interesting

If you do inadvertently click on a link, in some cases the URL shortening service (eg. bit.ly) will pop up a warning where they have determined the link to be dangerous. Consider this your guardian angel, say thanks and close the window.

If unlucky, you will end up on the page the attackers want you to. The most recent two I investigated put me on a page on tvvitiler.com which was a copy of the twitter login page with a timeout message asking me to log in again. If you are unfortunate enough to do so, that’s you toast, proceed to the fix section below :) The sites hosting these fake login pages vary from post to post and are more often than not themselves hacked, with the unlucky owners unaware of what is happening.

Chances are therefore that some website or app somewhere conned you into giving your credentials to Twitter or the app/site so that it could post something on your behalf. It may well be something that you wanted posted, however, it then piggybacks off that to send a whole lot of unwanted stuff. Just be aware, and vigilant, and followup quickly when something happens.

With information security, knowing how to react and clean up is just as important as prevention. It is not a matter of if, but of when your account will be compromised.

Thanks to :

  • Mandy Wilson (@Mandywilson_SA)
  • Samantha (@MetroGalZN)

If you have further comments and insight please leave it in the comments here or tweet me (@jjza). Please share this information (http://j-j.co.za/twithack)

P.S. To those infosec folks reading this, apologies for my very liberal use of the word “hack”

Written by Justin Research, Security, Social Media   |   Tags: , , , , , , , ,

Running the standard Android Drifta app on non-standard phones

Justin   |   24 Comments » Posted on September 27, 2011

Before the hacked version of the DStv mobile application surfaced people were looking for ways to get the standard application to work on devices other than those supported, as well as on rooted devices. That playing around stopped with the hacked version. Now that DStv has taken to asserting their copyrights to the application a lot of people have not been able to get hold of the hacked application. The same outcome can be achieved without needing to infringe DStv’s copyright. Below is the short and more detailed version of this :

  • If your device is not supported, you can change your device’s identity so that it looks like a supported device.
  • If your device is rooted, you can temporarily unroot it using OTA Rootkeeper.

That’s it. Simple, yes?

Below is Johan’s feedback and instructions (edited a little with links added to make your lives easier).

Read the rest of this entry »

Written by Justin Fun things to do, Gadgets   |   Tags: , , , , , , ,

The DSTV Drifta application for Android has already been hacked to work on “non supported” devices

Justin   |   2 Comments » Posted on September 08, 2011

Update (9/9/2011) : As of this morning many more devices are supported. The application description still only lists the initial Galaxy devices but if you have an HTC, Sony Ericsson (and maybe others) the Market Place now shows up the app for your phone whereas before it was listed as incompatible. Try the official application before any of the hacked ones!!

For those who are still desperate:

There have been a number of posts around the net with users expressing their annoyance and dismay at the limited number of Android devices that are supported by DStv mobile.

It didn’t take long for users to start making their phones look like a Samsung Galaxy S to get the software to run, which worked quite well but required some modification of the phone (rooting it and changing property files).

Some kind soul (anonymously known as PeterJoe) then hacked the install file to allow it to run on rooted devices as well as fake the check to make it work on any phone (posted to MyBroadband.co.za).  This doesn’t work on every device but many are supported. Sadly the Samsung Galaxy 10.1 doesn’t seem to be one of them.

See how to do this in the FAQ : http://j-j.co.za/faq/getting-the-drifta-software-to-work-on-unsupported-devices/

Enjoy the World Cup.

Written by Justin Fun things to do, Gadgets   |   Tags: , , , , , , , , ,

Paying the rent

Close block

Paying that rent

Close block

Post history

Close block
July 2015
S M T W T F S
« Jun    
 1234
567891011
12131415161718
19202122232425
262728293031  
%d bloggers like this: