Twitter hacker spreads Tsunami warning from government advisor's account

Filed Under: Social networks, Spam, Twitter

Andi Arief
As many people have found, Twitter is a fantastic tool for spreading important news rapidly.

In the past it's been used to share information about fires in Los Angeles, emergency landings in the Hudson River, and most recently helping aid be transported effectively to disaster stricken Indonesians.

Andi Arief is Indonesian president Susilo Bambang Yudhoyono's disaster management adviser and a frequent user of Twitter. After a devastating spell of earthquakes, floods, volcanic eruptions and even a tsunami hitting the country, you can understand why some people would be following him on the micro-blogging service.

After all, Arief diligently posts up-to-date disaster-related information.

Unfortunately, Andi Arief's Twitter account also caught the attention of hackers today, who broke into his account and started posting messages.

Perhaps the most dangerous bogus message posted from the account was a tweet which, according to local media reports, read:

Bogus tsunami tweet

Besok jakarta tsunami

which translates as "Jakarta tsunami tomorrow".

Hacking into a Twitter account that is used for disaster relief is bad enough, but for the intruder to also spread malicious warnings makes me think that this must have been the actions of a very sick mind.

Arief struggled for some hours to get control of his account back, temporarily setting up another Twitter account to spread important information before things returned to normal.

Back to normal

Translated back to normal

(Thanks to Google for translating that for me)

It isn't clear at this point exactly how Arief's account was compromised but a cracked password will surely be suspected.

Remember, you should always choose a non-dictionary word that's hard to guess as your Twitter password, and never use the same password on multiple websites.

Be on your guard against phishing sites and ensure that your computer is running up-to-date anti-virus software to protect against keylogging spyware which may attempt to steal your information.

Finally, consider carefully which third-party applications and websites you allow to connect with your Twitter account.

, , , , ,

You might like

9 Responses to Twitter hacker spreads Tsunami warning from government advisor's account

  1. Very sick hacker!! I Hope Indonesian cyber police not as stupid as child who had just held computer for the first time, and hope the hacker can be arrested immediately.

  2. Greylines · 1434 days ago

    This is how I create easy to remember passwords that appear random, complicated, non-dictionary and have a high number of characters.

    Take a sentence you can remember easily. For example "Mary had a little lamb, it's fleece was white as snow, and everywhere that Mary went the lamb was sure to go"

    Now take the first letter of each word: MhallifwwasaetMwtlwstg

    Now replace S with 5, I with 1, the T for the word TO with 2, and so on according to what makes sense to you. Which is important - it *only* has to make sense to *you*.

    Mhall1fwwa5aetMwtlw52g

    Some kids who fancy themselves as hackers like to use 7 for L and 3 for E. So I'll do that BUT only for the first letter of a pair of letters or letter appearing singly.

    Mha7l1fwwa5a3tMwt7w52g

    That's a 22 character password created using an easy to remember "seed" phrase and a few easy to remember tweaks.

    This works very well if you make up your own rules, and the advantage is you can create different passwords from the same initial phrase depending on which rules you decide to apply.

  3. rashid · 1434 days ago

    thank you

  4. Hello Graham,

    I'm not sure if the hijacker is really that "sick". If I'd have to do a psychogram for the attacker, I'd say the chances are equal that he is just childish in his thinking because he doesn't forsee the implications of his blunt "prank". In this case I'd expect the age of the person between 14-18 years.

    Regards,

    Marc

  5. Hello,

    I'm doing the same. But I prefer to use sentences with countable objects and use the numbers as digits. And I keep the punctuation marks. Example:

    "Is this really my second post today?" => Itrm2pt?

    Regards,

    Marc

  6. Sounds a bit like the video I made here about how to choose a hard-to-crack but memorable password:
    http://nakedsecurity.sophos.com/2010/02/03/choose...

  7. Greylines · 1434 days ago

    Convergent evolution?

  8. twittee_bird · 1434 days ago

    No need to crack the password. You just need a packet sniffer and wait for the user to connect on twitter.

  9. Jeffrey A. Williams · 1432 days ago

    Why, did this advisor have an unsecured Twitter account?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.