CounterMeasures - A Security Blog » SEO http://countermeasures.trendmicro.eu Rik Ferguson blogs about current security issues. Thu, 09 Sep 2010 16:45:53 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Twitter.Grader.com hacked? http://countermeasures.trendmicro.eu/grader-com-hacked/ http://countermeasures.trendmicro.eu/grader-com-hacked/#comments Thu, 11 Feb 2010 20:07:29 +0000 Rik Ferguson http://countermeasures.trendmicro.eu/?p=1757 Twitter Grader home page

Twitter Grader home page

 Â 
UPDATE: You will see in the comments on this post an update from HubSpot with a link to their blog explaining the incident, I know a lot of folks don’t read the comments, so here it is in full.

“We are very sorry for the mistake. It is completely our fault. As your article mentions, we have contained the situation and stopped the malicious tweets.

We do want to make clear that by design, the HubSpot software applications are on different servers and systems from our free Grader.com tools. This attack did NOT affect the HubSpot software used by our 2,100 customers. Again, there is no impact on our paid product or paying customers.

We have posted an article on our company blog with more information:

http://www.hubspot.com/blog/bid/5594/One-Lesson-From-The-Twitter-Grader-Screw-up-OAuth-Rocks

- Mike Volpe
HubSpot (makers of Twitter Grader)”

…and that, ladies and gents, is an object lesson in how to deal with an event like this. Much respect to HubSpot.

 
__________________________________________________________________________________________

In what looks like another compromise related to Twitter services, a large number of Twitter users who have granted access to their accounts to the web service Twitter.Grader.com have all begun tweeting a bizarre and unauthorised message.
 

Example of affected accounts
Example of affected accounts (search by Twitscoop)

 
Fortunately the link that has been endlessly tweeted by grader users does not appear to host any malicious content. It points to a blog with an embedded YouTube video of Biz Stone back in 2006 promoting Twitter.

 

The domain name of the destination site however might give us a clue to the motivation behind the attack. Seonix presumably refers to Search Engine Optimisation and perhaps that is the real purpose of this attack. Forcing large numbers of Twitter users to tweet a link to the site may well be an effective method of pushing it up the search engine rankings. The domain seonix.org was created on the 11th February 2010 and the details of the owner have been anonymised.

 

Embarassingly the victims of this attack also include Dharmesh Shah, the founder of Grader
 

Dharmesh Shah on Twitter
Dharmesh Shah on Twitter

 
UPDATE: Hubspot, the parent company have tweeted that they are aware of the hack and working on a solution. In the meantime, if you are a Grader user, you may want to consider temporarily revoking Access to Grader in your Twitter profile via Settings -> Connections.

]]> http://countermeasures.trendmicro.eu/grader-com-hacked/feed/ 6