Most likely method of Twitter becoming hacked?

Destination · 11 Jun 2016 at 18:17

Some suspicious activity on a twitter account I control, nothing posted, but seems to be signing me up to follow lots and lots of people.
Password changed, people deleted, things seem stable now.

Twitter for Mac 11 Jun 2016 17:43 95.76.195.183 Romania
Twitter for Mac 11 Jun 2016 17:43 37.212.155.219 Belarus
Twitter for Mac 11 Jun 2016 17:43 59.152.103.78 Bangladesh
Twitter for Mac 11 Jun 2016 17:43 95.56.41.131 Kazakhstan
Twitter for Mac 11 Jun 2016 17:02 179.41.129.209 Argentina
Twitter.com 11 Jun 2016 13:15 162.243.163.134 United States
Twitter.com 11 Jun 2016 13:14 192.211.49.200 New Zealand

Twitter account activity show the above, does this indicate successful logins? Or attempts at logging in?

Either way, the PC I use appears to be clear, but the email address associated with that account it very very old, and I ponder if it once has a password that might have matched to the twitter accounts password?

They don't brute force hacks on twitter do they? Just pull old lists and see if anything matches? Or what is the most likely explanation for this breach?

Diddums · 11 Jun 2016 at 18:20

That's attempts I would've thought. Twitter is permanently under attack, you can buy 500 followers for £10 if you know where to go, these are mostly pinched accounts.

CREATIVE!11 · 11 Jun 2016 at 18:21

Diddums said:
That's attempts I would've thought. Twitter is permanently under attack, you can buy 500 followers for £10 if you know where to go, these are mostly pinched accounts.

Well guys, we can spot the guy who has bought followers.

Caged · 11 Jun 2016 at 18:22

Most likely is the same email/password combination being used in multiple places

Destination · 11 Jun 2016 at 18:24

Caged said:
Most likely is the same email/password combination being used in multiple places

Potentially it could be in this case.
Twitter had a password attached that had been used elsewhere many years ago but not since, but where might the breach be located I ponder, and old leak of passwords?

Pawnless Endgame · 11 Jun 2016 at 18:29

Caged said:
Most likely is the same email/password combination being used in multiple places

That was how I got done as well, some 15 years ago. They compromised 3 of my forum accounts and also MSN Messenger and started playing imposter on these platforms. Therefore the attack was quite personal.. prolly someone I knew and they trying to **** me off. Thankfully the admins from the 3 forums knew something was suspect, reset my password to my email (which wasn't compromised) and I got back in ok and then set my passwords to be all different. I didn't get the MSN Messenger account back though as it was linked to an old university email address which went dead after I left uni. So I just made a new MSN nick using a Hotmail/Live addy.

Diddums · 11 Jun 2016 at 18:32

CREATIVE!11 said:
Well guys, we can spot the guy who has bought followers.

Nah, I just came across it when I was doing my Youtube stuff a few years ago. You'd be amazed at how many subscribers / followers / Facebook likes you can buy for cheapo. Whole industry surrounding it.

p1RATE · 11 Jun 2016 at 18:36

500 followers for £10

you can get up to 10k followers for $5 on fiverr

obviously the quality wont be great

Destination · 11 Jun 2016 at 18:36

Actually

Notice of Data Breach

You may have heard reports recently about a security incident involving Myspace. We would like to make sure you have the facts about what happened, what information was involved and the steps we are taking to protect your information.

What Happened?

Shortly before the Memorial Day weekend, we became aware that stolen Myspace user login data was being made available in an online hacker forum. The data stolen included user login data from a portion of accounts that were created prior to June 11, 2013 on the old Myspace platform.

We believe the data breach is attributed to Russian Cyberhacker ‘Peace.’ This same individual is responsible for other recent criminal attacks such as those on LinkedIn and Tumblr, and has claimed on the paid hacker search engine LeakedSource that the data is from a past breach. This is an ongoing investigation, and we will share more information as it becomes available.

What Information Was Involved?

Email addresses, Myspace usernames, and Myspace passwords for the affected Myspace accounts created prior to June 11, 2013 on the old Myspace platform are at risk. As you know, Myspace does not collect, use or store any credit card information or user financial information of any kind. No user financial information was therefore involved in this incident; the only information exposed was users’ email address and Myspace username and password.

That is more than likely it, they lifted the password right around the strange activity time, I would have had a myspace account perhaps at one stage, many many moons ago.

Diddums · 11 Jun 2016 at 18:37

p1RATE said:
you can get up to 10k followers for $5 on fiverr obviously the quality wont be great

We're going back 5-6 years now; my numbers may be off

G-MAN2004 · 11 Jun 2016 at 18:52

p1RATE said:
you can get up to 10k followers for $5 on fiverr obviously the quality wont be great

I only just discovered that website yesterday. It's actually pretty handy!

Diddums · 11 Jun 2016 at 18:59

G-MAN2004 said:
I only just discovered that website yesterday. It's actually pretty handy!

We paid $5 for the logo for our forum. It's a great site but you do sometimes have to chase people.

Kuros · 11 Jun 2016 at 19:00

Hikari Kisugi said:
Potentially it could be in this case.
Twitter had a password attached that had been used elsewhere many years ago but not since, but where might the breach be located I ponder, and old leak of passwords?

Linked.in perhaps?

There's been an increase of people breaching into sites, sitting on the data then releasing it years later. Harder to know what passwords to change that far back.

m0rte · 11 Jun 2016 at 21:58

Check which apps are allowed to use your account in profile > settings > apps. My account was hijacked via some app that had been linked and made to follow a load of randomers.

Destination · 11 Jun 2016 at 22:22

Indeed, it appears the 'app for mac' was the culprit, not that I recall ever activating such a thing. As I have never logged into twitter on a mac.

Pho · 11 Jun 2016 at 23:09

https://haveibeenpwned.com/

Try putting your email in here too to see if it's been leaked with any big leaks.

G-MAN2004 · 11 Jun 2016 at 23:17

Pho said:
https://haveibeenpwned.com/

Try putting your email in here too to see if it's been leaked with any big leaks.

Oh balls, three leaks.

Thanks for this.

Destination · 11 Jun 2016 at 23:36

Quite interesting.
Nexus mods was breached so an fallout player or skyrim player might want to check if their passwords ever doubled up.

Lord of the rings online and dungeons and dragons online both breached, 1.1and 1.6 million accounts, ouch.

Myspace was breached some time in 2008, but first sales seems to have been last month, certainly first public sales. Interesting.

Scam · 11 Jun 2016 at 23:51

Can you set up two factor authentication for Twitter? Seems the most likely form of a personal data breach is getting caught in a mass hack like this. Two factor will stop anyone getting in, even if they've got your password.

radderfire · 12 Jun 2016 at 00:17

There was a big Twitter hack/leak recently. I read about it but can't remember exact details. I've taken the precaution of changing all my passwords.