Yesterday it emerged that Twitter had distributed a message to a bundle of its users asking them to change their passwords due to a potential phishing attack. Indeed, those users were forced to change their login details, and now Twitter has opened up about just why.
The word comes from Twitter, which updated its status blog a few hours ago with some details of the phishing attack that led to its request for users to change their passwords. It seems that Twitter has seen the culmination of a fairly long-term plan to harvest users’ passwords on a large scale. Twitter’s account of events essentially describes the setting up of file-sharing sites, complete with security vulnerabilities, and the later use of the user data collected on those sites to gain control of Twitter accounts.
The Twitter blog post on the topic outlines the scheme very well indeed, saying that,
“Torrent sites aren’t exactly ‘new’; however, this is one of the first times that we’ve seen an attack that came from this vector. It appears that for a number of years, a person has been creating torrent sites that require a login and password as well as creating forums set up for torrent site usage and then selling these purportedly well-crafted sites and forums to other people innocently looking to start a download site of their very own … This person then waited for these forums and sites to get popular and then used those exploits to get access to the username, email address, and password of every person who had signed up.”
It’s certainly an interesting case, and one that could well have proved relatively tricky to narrow down. For now, the advice for anyone with a Twitter account is that, if you happen to be a member of any file-sharing communities or forums, you should probably change your password, just as a precaution.