Twitter Inc (NYSE:TWTR) has faced a massive issue, where hundreds of its accounts seem to be hijacked on Wednesday. These hijacked accounts have been misused to deliver malicious messages in huge numbers. It all began at around 2:00 P.M PT, in the afternoon, and the messages have some user giving a testimonial about some dramatic weight loss and life changing events. The messages read – “If I didn’t try this my life wouldn’t have changed.” This was accompanied by a link that led to a spoof site of a Women’s Health magazine, where it promoted a ‘miracle pill’ for weight loss.
A possible security threat
It was not possible to make out whether this would lead to the installation of a malware or some other activity that was potentially harmful. Twitter Inc (NYSE:TWTR) chose not to take any chances and considering it to be serious security threat warned the readers that the link has been flagged as risky and should not be accessed.
Finding the source of the attack was also not easy. According to Ars Technica’s Dan Goodin, possibility was that this attack had some relation with the security breaches at the third-party sites and apps. It was noticed by Goodin that the tag “via weheartit.com” was included in the earlier version of the messages. This has given birth to speculation that some connection was there between the accounts and the social network.
A failure on the part of a third party
The malicious activity on the network was identified by We Heart It, and they informed Ars Technica that they were investigating it. The social network temporarily disabled sign-in and sharing via Twitter Inc (NYSE:TWTR) and this was announced in a tweet.
In an e-mail, We Heart It President Dave Williams wrote: “We are definitely seeing some malicious activity which we have now blocked and are investigating further. Unfortunately I don’t have any other information I can share at this point.”
This incident bears testimony to the fact that if one site or app maker fails to take the strict required safety measures, the safety of other sites and millions of users are, also, at risk. We Heart It had around 25 million monthly users, in December. Its users can directly share content on Twitter Inc (NYSE:TWTR) without leaving the site. It is possible to link the accounts on two different sites using OAuth authentication mechanism.