Slashdot Mirror

← Back to Stories (view on slashdot.org)

Twitter Hack Details Revealed

Posted by CmdrTaco on from the my-password-is-p4ssw0rd dept.

Jack Spine writes "Twitter co-founder Biz Stone has confirmed both to ZDNet UK and Wired's Threat Level blog that a dictionary attack was used to hack Twitter. After the hacker distributed details on the Digital Gangster forum, celebrities such as Britney Spears and Barack Obama had their accounts defaced. Wired spoke to the alleged hacker, while ZDNet UK got in contact with someone who had been on the Digital Gangster forum at the time."

8 of 222 comments (clear)

  1. Re:iam3prez by Anonymous Coward · · Score: 2, Informative

    It wasn't Obama's account that got attacked. They attacked the account of a Twitter administrator, and then got access to the web-based control panel to reset Obama's password. Pretty lame that a) the admin had such a bad password and b) you can access the control panel from the public internet with the same login as your twitter account.

  2. Comment removed by account_deleted · · Score: 4, Informative

    Comment removed based on user account deletion

  3. Re:iam3prez by Mr.+Sketch · · Score: 3, Informative

    Looks like you didn't actually read the article. The account of a twitter admin was hacked with a dictionary attack. That account was then used to reset the passwords for various other accounts (Fox News, Obama, Britney Spears, etc) to gain access to those accounts. The original passwords for those additional accounts were not obtained. Only one account (the twitter admin) was hacked, the rest just had their passwords reset.

    --
    Things you think are in the Constitution, but are not.
  4. Re:Compromise One Password, Compromise Them All by SighKoPath · · Score: 5, Informative
    FTA:

    GMZ doesn't know what the reset passwords were, because Twitter resets them randomly with a 12-character string of numbers and letters.

    No passwords were compromised except for the admin account he used the dictionary attack on. So really, the GP's analysis of harm done is pretty accurate.

  5. Re:Compromise One Password, Compromise Them All by Anonymous Coward · · Score: 2, Informative

    Many credit card companies offer a one-time-use credit card number you can use for online purchases. I find it invaluable for online shopping.

  6. Re:Compromise One Password, Compromise Them All by everett · · Score: 2, Informative

    Please RTFA before you post. Thank you. The accounts in question had their password reset to a random 12 character string that was then used to post fake tweets. Your comment is irrelevant.

    --
    Sig withheld to protect the innocent.
  7. Re:After all of this... by mcgrew · · Score: 2, Informative

    That's not why they want him to give it up. Federal alw says that all Presidential emails must be kept and can be used as evidence of wrongdoing. If he keeps his blackberry he's a fool.

    --
    Free Martian Whores!
  8. Re:Compromise One Password, Compromise Them All by FredFredrickson · · Score: 2, Informative

    Paypal has secure cards too now for free, just install the paypal plugin. I use single use mastercard numbers for all my online purchasing. Especially nice for porn sites, so you don't have to worry about random charges.

    --
    Belief? Hope? Preference?The Existential Vortex