Home Updated: Another Twitter Hack in the Wild – Adult Webcam Site Sends Spam Messages

Updated: Another Twitter Hack in the Wild – Adult Webcam Site Sends Spam Messages

It looks like either Twitter or a third-party Twitter service was hacked today by an adult webcam site. Chances are that you have seen the following message in your Twitter stream at some point in the last few hours: “hey! 23/Female. Come chat with me on my webcam thingy here www.chatwebcamfree.com.” The constant stream of messages just stopped as we were writing this story. We have asked Twitter for a response and will update this post as soon as we hear more.

Update 1: According to security firm Trend Micro, the webcam site serves up “an obfuscated JavaScript that loads up porn related advertisments on the browsing computer.” It is still not clear how the Twitter users’ accounts were compromised, however.

Update 2: Here is Twitter’s reaction. Apparently, about 750 accounts were compromised in this attack. Twitter has reset these users’ passwords and deleted the webcam tweets. Still no news about how the hackers got a hold of the passwords.

For now, we recommend that you check your updates to see if this message appears in your stream. If it does, you’ll probably want to change your password immediately.

Twitter itself has a decent track record when it comes to security (though some celebrities’ accounts were hacked a while back), so we assume that this hack originated somewhere else, but for now, it is not clear how these hackers managed to get a hold of all of these users’ accounts.

The last Twitter ‘hack’ turned out to be relatively benign and just exploited a well-known security hole but didn’t actually steal users’ passwords or direct them to an adult site. Until Twitter’s oAuth implementation goes fully live however (Twitter is testing it with a select group of developers right now), users have to hand over their full Twitter credentials to every third-party Twitter service, which could allow a malevolent programmer to easily create a huge database of logins and passwords.

Update 3: looking a bit more into this, it seems like the same scam has appeared on IM services like MSN Messnger and also on Facebook.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.