
Twitter forcing some users to change password. Reported threat of phishing attacks.

By Zee on February 2nd, 2010

We’re seeing tweets that various people are being forced to change their passwords on Twitter in response to possible phishing threats.


The message from Twitter itself says:

“Due to concern that your account may have been compromised in a phishing attack that took place off-Twitter, your password was reset.”

There have been a number of cases where phishers have targeted user accounts via DM, sending users to a spoof login page that grabs their passwords. The phishers then use the compromised accounts to propagate the phishing messages to more users.

In this case, it appears Twitter itself wants to be one step ahead of potential phishers and is asking people that it believes may have been a target to change their passwords immediately.

At least that’s what we’re hoping. We’ve requested confirmation from Twitter and will report back if/when we hear something.

Update:

We’re hearing unconfirmed reports from Twitter users that this might be in regard to a user account @THCx. A thread on Twitter’s support system recommends that users change their passwords immediately if they are currently following that specific Twitter account.

@THCx, supposedly a tips/tutorials service, has managed to gain access to over 42000 user accounts in a matter of days and doesn’t appear to be following one.

The screenshot below shows that it’s possible, if @THCx is the culprit, that they may have gained access to users via NutshellMail, a service that lets you access and reply to Twitter messages as you would email.

It’s unlikely that a NutshellMail vulnerability is the issue here; however, @THCx does increasingly seem to be the common denominator between all the accounts requiring password resets.


Official Update from Twitter:

We just received an official statement from Twitter:

“As part of Twitter’s ongoing security efforts, we reset passwords for a small number of accounts that we believe may have been compromised offsite. In one case, a number of accounts posted updates indicative of giving their username and password to untrusted third parties. While we’re still investigating and ensuring that the appropriate parties are notified, we do believe that the steps we’ve taken should ensure user safety. We’ll continue to provide updates as warranted at @safety and @spam. We do, as always, encourage our users to read our help pages on what to do if your account is compromised: http://twitter.zendesk.com/forums/10713/entries/31796 and how to stay safe on Twitter: http://twitter.zendesk.com/forums/10711/entries/76036.”


Discussion - 39 Comments/Pingbacks

  1. Reply

    twitter should first change its own password =)

  2. Reply

    Some kind of additional security for those who really invested on twitter would be really appreciated, meaning verified email address and cellular phone number.

  3. Reply

    Some kind of additional security for those who really invested on twitter would be really appreciated, meaning verified email address and cellular phone number.

  4. Reply

    Security issues are in the limelight nowadays, be it Twitter or FB. What else can we do? Twitter should be commended for being vigilant in protecting users.

  5. Jeroen says February 02, 2010

    still it's strange that twitter doesn't seem to be able to stop this from the inside …
    (read the text in the screenshot, a ban seems impossible???)

  6. Reply

    It would help if you let people know you're stealing their screenshot. It is NOT Nutshell Mail!!!

  7. Reply

    I'd say it has to do with @THCx in some form. I think it was something internal though because all of a sudden I was following that username, but I had never chosen to do so. I unfollowed them the other day and then this morning I was following them again and had the email to change my password. I have never heard of or used NutshellMail. No big deal, easy enough to change passwords, just trying to help shed some light.

  8. Reply

    I haven't used nutshellmail either, but was following TCHx (without having subscribed to the user before). I've switched my twitter password and blocked TCHx, but my security does feel compromised. I would like to know what has happened here and a better explanation from twitter.

  9. Reply

    i've never used nutshellmail, nor have i ever followed TCHx, but i still got the password/phishing warning from twitter. what that means to me is that, if TCHx [or nutshellmail] is/are the *main* component to this fiasco, it/they are certainly not the *only* component.

    i'd love to hear something more definitive.

  10. Reply

    Same here, thinbegin. I have 5 accounts and only one got the password change mail. It hadn't sent or received any spammy/phishy messages, no TCHx or Nutshell mail. I haven't had time to deal with anything but the initial password change and checking what 3rd party apps had recently run in my account (Backupify and Twunfollow were most recent). I can't wait to go change all my other OAuth connections now. : /

  11. Reply

    send my password and users name so i can finally log in and update to new phone due to old phone screen cracked! respond now!

