Acai Berry spammers hack Twitter accounts to spread adverts

Hundreds of innocent user’s accounts on the Twitter micro-blogging service appear to have been hacked by spammers.

A typical message posted on the compromised accounts will say something similar to the following:

Howdy my friend! I just lost 13 pounds in 12 days. It only costs me $5. Take a look at this: http://[random].cn

Examples of Acai Berry spam on Twitter

If you do click on the link you get taken to a website with a .cn tld (top level domain) like the following:

One of the websites set up by the spammers

Some victims of this latest Twitter hack attack are noticing that their account is sending Acai Berry spam, however. Take this example, for instance, where the user has apologised for the security breach on his account:

Twitter account abused by Acai Berry spammers

The question is – how have these accounts on Twitter been hacked? At the moment, that’s not clear. But what is evident is that users need to take more care with their Twitter passwords.

If your account on Twitter has been compromised, make sure you change your password to a non-dictionary word – and be sure to also change any other online accounts where you might be using the same password. Far too many people use the same passwords on multiple sites, which obviously increases your chances of becoming hacked.

Not sure how to choose a password that’s memorable but also hard for the hackers to guess? Watch this video:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)