Your security, networking, programming, and application news source.

Wednesday, January 7, 2009

Happiness P0wns Twitter

  About a week after the new year, <Twitter> had several high profile accounts (Tech Crunch)<taken and defaced>. Obama, FoxNews, Miley Cyrus, and Britney Spears, just to name a few, had lewd comments or questionable links posted. Miley Cyrus (Hannah Montana) had a (YouTube)<video memorial> hoaxing her death made widely public by <MTV> (who didn't fall for it).
  This event was quickly tracked back to a hacker forum called <Digital Gangster>. An 18 year old hacker calling himself GMZ took credit for the hack. He gave an interview of his account to Threat Level, who verified his story with video of his administration access.
  GMZ claimed that he merely made a dictionary attack program/script and pointed it at a popular Twitter user named "Crystal". After only one night the administrative account was cracked with the epically stupid password "Happiness". That's pretty ridiculous that the system allows such weak passwords, especially for administrative accounts, but its worse. GMZ claims that Twitter has no limitation on log-in attempts. When he realized the account he cracked was an administrative account and that he hadn't bothered using a proxy, he decided not to take any accounts himself. He merely took requests to reset account passwords and tossed them on Digital Gangster. Digital Gangster quickly deleted the related posts, but not before some quite entertaining mayhem took place.

<Wired Blog - Weak Password Brings 'Happiness' to Twitter Hacker>

1 comment:

  1. did the Twitter Admin change his password to "sadness" after he was hacked? haha... ok not funny