Hundreds of innocent user's accounts on the Twitter micro-blogging service appear to have been hacked by spammers.
A typical message posted on the compromised accounts will say something similar to the following:
Howdy my friend! I just lost 13 pounds in 12 days. It only costs me $5. Take a look at this: http://[random].cn
If you do click on the link you get taken to a website with a .cn tld (top level domain) like the following:
Some victims of this latest Twitter hack attack are noticing that their account is sending Acai Berry spam, however. Take this example, for instance, where the user has apologised for the security breach on his account:
The question is - how have these accounts on Twitter been hacked? At the moment, that's not clear. But what is evident is that users need to take more care with their Twitter passwords.
If your account on Twitter has been compromised, make sure you change your password to a non-dictionary word - and be sure to also change any other online accounts where you might be using the same password. Far too many people use the same passwords on multiple sites, which obviously increases your chances of becoming hacked.
Not sure how to choose a password that's memorable but also hard for the hackers to guess? Watch this video:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)Follow @gcluley