
Malicious Spam Tweets Flood Twitter From Hacked Accounts

Ryan Dube 25-04-2014

It’s common to see the occasional spam message on Twitter promoting some weight loss pill or dating site, but this Thursday hundreds of tweets flooded Twitter promoting a weight loss “miracle pill”.


The attack started at approximately 10pm UTC and initially showed up as regular users tweeting the message, “If I didn’t try this my life wouldn’t have changed.” The link was a carefully parsed URL made to appear as though it was a link for a women’s health website, while the actual URL led users to a spoof women’s health magazine site.

The spoof page appears as a typical spam-site meant to trick visitors into buying the product, but it is uncertain whether the site might also install malware or otherwise compromise the visitor’s machine.

Hundreds of Twitter Users Hacked

An early clue as to the source of the attack came from Dan Goodin of Ars Technica, who reported that nearly all of the earliest tweets were linked to the social network We Heart It. This indicated that the first compromised accounts might have come from the social network, but later tweets were also sent from other apps and services, so it wasn’t clear what directly caused the mass of hacked Twitter accounts. However, We Heart It President Dave Williams did inform Ars Technica that We Heart It had detected “malicious activity” on its network and was investigating the cause.
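The attribution clue described above (one message posted by many accounts in a short period, most of them through the same connected app) can be written as detection logic. This is an added example, not code from the article, Twitter or We Heart It; the record layout, account names, the apps other than We Heart It, the URLs and the thresholds are constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

SPAM = "If I didn't try this my life wouldn't have changed."
# Constructed sample: (UTC time, account, posting app, tweet text).
# Account names, "other-app", "web" and the example.invalid URLs are placeholders.
SAMPLE = [
    ("2014-04-24T22:01:10", "user_a", "We Heart It", SPAM + " http://example.invalid/a"),
    ("2014-04-24T22:03:45", "user_b", "We Heart It", SPAM.upper() + " http://example.invalid/b"),
    ("2014-04-24T22:07:02", "user_c", "We Heart It", SPAM.replace("'", "\u2019")),
    ("2014-04-24T22:20:30", "user_d", "other-app", SPAM),
    ("2014-04-24T22:05:00", "user_e", "web", "Watching the game tonight"),
    ("2014-04-25T09:00:00", "user_g", "web", SPAM),  # same text, far outside the burst
]

def normalize(text):
    """Drop URLs, case and punctuation so trivially varied copies compare equal."""
    text = re.sub(r"https?://\S+", "", text.lower())
    return " ".join(re.sub(r"[^a-z0-9 ]+", "", text).split())

def find_bursts(records, min_accounts=3, window=timedelta(minutes=30)):
    """Report message bodies posted by >= min_accounts distinct accounts within window."""
    by_text = defaultdict(list)
    for ts, account, app, text in records:
        by_text[normalize(text)].append((datetime.fromisoformat(ts), account, app))
    bursts = []
    for body, posts in by_text.items():
        posts.sort()
        start, best = 0, []
        for end in range(len(posts)):
            # Slide the window start forward until it spans at most `window`.
            while posts[end][0] - posts[start][0] > window:
                start += 1
            span = posts[start:end + 1]
            if len({p[1] for p in span}) > len({p[1] for p in best}):
                best = span
        accounts = sorted({p[1] for p in best})
        if len(accounts) >= min_accounts:
            # The dominant posting app hints at which connected service was abused.
            app, count = Counter(p[2] for p in best).most_common(1)[0]
            bursts.append({"text": body, "accounts": accounts, "top_app": app,
                           "app_share": count / len(best),
                           "first_seen": best[0][0].isoformat()})
    return bursts

if __name__ == "__main__":
    for burst in find_bursts(SAMPLE):
        print(burst)
```

A high `app_share` for one app points at that integration as the likely entry point, while a falling share over time matches the later tweets arriving from other apps and services.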


Within hours of the attack, Twitter flagged the link as potentially harmful, while at the same time We Heart It initiated a temporary disabling of all sign-in and sharing features via Twitter until the issue was identified and resolved.


The website link that readers were sent to was (hxxp://, which parses out to the source website The registered owner of that domain is a Jake Swagger of San Francisco, California. The fact that the name is not cloaked and easily identifiable through a simple Whois lookup implies that either the website itself was likely hacked or the registration information is fraudulent. MakeUseOf queried the contact email for the domain, and it bounced back as an invalid Yahoo account.

This incident reveals the risk of connecting too many external accounts and services to accounts like Twitter and Facebook. Once one of those accounts is compromised, Facebook and Twitter passwords are also at risk.

Users who made use of We Heart It in the past should immediately change their passwords to protect against account hijacking, and to prevent further spread of the attack.


