Twitter: Gone phishing? Obama, Britney, and Facebook accounts hacked

Twitter, after suffering from a weekend phishing attack that stole the usernames and passwords of site users, has been hacked, with prominent Twitter accounts affected. Fox News’ account declared for about an hour that “Bill O’Reilly is gay” while Barack Obama’s account, which was last used in November on election day, posted a long link to a third-party survey with the lure of a gas card prize — at least the hacker is sort of non-partisan?

[aditude-amp id="flyingcarpet" targeting='{"env":"staging","page_type":"article","post_id":102257,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"social,","session":"C"}']

Rick Sanchez, a CNN anchor and frequent Twitterer, was declaring earlier he was “high on crack and might not be coming into work today.” Britney Spears’s account, started in October to promote her new single and upcoming tour, took a sharp turn from cheerful updates about eating Pinkberry frozen yogurt and relaxing with family to a poorly-punctuated attack on her nether region. Aw, hackers, just leave Britney alone!

Facebook’s Twitter account is also among the hacked, with a link to porn at “http://yougetlaid.info” that was just removed.

It doesn’t appear these hacked accounts are related to the phishing scam of the weekend, as ReadWriteWeb points out, since the phishing works through direct messages that send e-mail notifications to the user that run along the lines of “check out this funny blog about you!” The message includes a link to a site that looks exactly like the Twitter homepage. Once the unassuming user clicks on the link and logs in to the masquerading page, the hackers obtain the user’s log-in information and can take over an account. However, Fox News isn’t following anyone on Twitter, so the account can’t receive direct messages and get infected that way.

All of the offending messages, known as tweets, have been pretty promptly removed, but we’ll keep an eye out for more affected accounts. Looks like things are getting personal, with the hacker/hackers targeting the accounts of prominent celebrities and companies — though no one’s going to get rich off this latest scheme, since credit card numbers aren’t needed to use Twitter’s services (yet).

Twitter also suffered a second large-scale scam yesterday when users began receiving direct messages telling them how to win a free iPhone — by signing up for a $5-a-month text messaging service.

The Twitter Blog has not been updated since January 3, when the phishing began, while Twitter co-founder Biz Stone hasn’t updated his account in 17 hours. Lead engineer Alex Payne is “certainly not happy with the security status quo. I just want people to understand the different threats” but is working on more secure, standards based authentication for the site (we hope). Twitter chief executive Ev Williams, however, accurately describes his case of the Mondays, half an hour ago:

[aditude-amp id="medium1" targeting='{"env":"staging","page_type":"article","post_id":102257,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"social,","session":"C"}']

Update: Twitter has posted about the situation on its Twitter Status blog:

A number of high-profile Twitter accounts were compromised this morning, and fake/spam updates were sent on their behalf.

We have identified the cause and blocked it. We are working to restore compromised accounts.

As a precaution, it would be prudent to reset your Twitter password and make sure email in your settings is your own.

More details to come.

Update 2: Twitter now has a post on its main blog about the situation and explains it:

What Happened?

The issue with these 33 accounts is different from the Phishing scam aimed at Twitter users this weekend. These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the email address associated with their Twitter account when they can’t remember or get stuck. We considered this a very serious breach of security and immediately took the support tools offline. We’ll put them back only when they’re safe and secure.

You can find me on Twitter here along with fellow VentureBeatniks Eric Eldon, MG Siegler , Dean Takahashi, Anthony Ha, Chris Morrison, Camille Ricketts and Dan Kaplan. We have a VentureBeat account (for our posts) as well.

[aditude-amp id="medium2" targeting='{"env":"staging","page_type":"article","post_id":102257,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"social,","session":"C"}']