Archive

Once again twitter has been the target of malicious individuals in a co-ordinated web attack. Twitter has reset all accounts affected by a phishing scam perpetrated by phony torrent sites.

According to a blog post by Twitter administrators, the company suspects dodgy file sharing and torrent sites of compromising users login details. Specifically, they believe several torrent sites - designed by one person or one group of people and sold on to people looking to establish their own download site - that require login details, have been exploiting users' tendency to share email addresses and password combinations across multiple websites.

Twitter stated that they believe that the rogue programmer waited for the forums and sites that used their code to get popular and then used those exploits to get access to the usernames, email addresses, and passwords of every member that had signed up.

As users - against the repeated warnings of security experts - often use the same login details across a variety of different websites, the rogue programmer may have used the sensitive information to log in to third party sites, Twitter officials said.

Password reset requests were sent to anyone thought to be targeted by this scam, and the popular social site and security experts everywhere also encouraged users to develop good password management habits and to select unique passwords and user names for each site they join to help ensure that they keep their online identity secure.