Skip to main content

Torrent Site Builder Steals Your Twitter Password

Earlier this week, many Twitter users discovered that the social website had reset their passwords. The company said late Tuesday that it noticed a "sudden surge" in followers for a couple of accounts over the last five days. Suspecting foul play, Twitter decided to "take action first and ask questions later" by resetting the passwords of all accounts following the suspicious users.

According to this Twitter blog, the company investigated the situation a little further and discovered that someone was executing a well-planned scam that leeched the personal info from unsuspecting customers. Twitter's Director of Trust and Safety Del Harvey said that this cybercrook built and sold torrent-forum websites for many years, created with special security exploits and backdoors that conveniently gave him access to the personal info of the original buyer and every visitor who signed up to use the site's forums.

Harvey said that the information gathered by the scam included usernames, passwords, email addresses, and other personal data.

"Additional exploits to gain admin root on forums that weren’t created by this person also appear to have been utilized; in some instances, the exploit involved redirecting attempts to access the forums to another site that would request log-in information," he said. "This information was then used to attempt to gain access to third party sites like Twitter."

Harvey said that there was a huge correlation between users of third party forums and download sites, and those that appeared on Twitter's list of "possible" affected accounts. Harvey suggested that web surfers should use different log-in credentials--at least different passwords--when using multiple sites.

  • mrubermonkey
    Yes, "Torret," of course. Why did I not think of that?
  • touchdowntexas13
    I know it's already been noted, but "torret"? lol
  • kenwheeler77
    What's a "Torret"? :)
  • Shadow703793
    Umm... proof read much Mr. Parrish?
  • flurrball
    mrubermonkeyYes, "Torret," of course. Why did I not think of that?
    Someone has pirated the "n"!!!!

    Nooooooo! When will the RIAA and MPAA finally defeat these pirates!

    /end sarcasm

    Dictionary ftw!
  • The-Darkening
    Guys, guys... It's only a typo.

    It's spelled "turret"... Right?

  • captaincharisma
    all i got to say to twitter users is you cannot spell twitter without TWIT
  • this story is nothing but a balloon filled with hot air.

    "the exploit involved redirecting attempts to access the forums to another site that would request log-in information"

    this is the problem with most web users. people do not pay enough attention to what is happening, and blindly fill in web forms. pinning this on only torrent based sites, does not paint the whole picture. then again, I can't find a single article on this website that does just that, give you the full story. tricking people into giving away sensitive information can be done/is done under many different disguises. bestofmedia is an oxymoron.
  • JohnnyLucky
    I do not use Twitter. I have no valid reason to use it.
  • gayan
    torret waht? ;)