Earlier this week, several reporters who cover national security and defense issues as well as security experts found that their Twitter accounts had been hacked and were sending spam.
Those affected received direct messages from trusted sources that said, “See what bad things have been said about you,” along with a link.
Typically, scams such as this one work by sending the victim to a phishing site made to look like a Twitter page. The site asks the victim to enter a password, which the phisher then uses to send out messages on the victim's behalf, according to Twitter.
Flightlines was unable to reach a representative from Twitter for comment despite numerous attempts.
The incident may be related to the recent hacking of STRATFOR, an intelligence analysis firm, said Alexandru Catalin Cosoi of BitDefender, a company that specializes in internet security and anti-virus software.
“We’re not excluding the possibility of a targeted attack (since creating a Twitter bot to send DMs to the victim’s contacts involves just a couple of lines of code), but since this incident is so close to the Stratfor hack and based on the common knowledge that people reuse their passwords, this is our belief so far,” Cosoi said in an email.
But Jerry Dixon, of the internet security company Team Cymru, said he has not heard of any attacks directed against reporters and national security experts. The incident was likely caused by a combination of malware and people using passwords that are easy to break.
“Bad actors would be more interested in what is on their hard drives than posting tweets,” Dixon said in an email.