Trackers compromised security and Twitter



Vation
03.02.10, 20:49
Most of us have accounts on several trackers. Many of us use the same email for more than one tracker. Some even use the same passwords for several sites/accounts/services and usernames.

The result of using a life password and the same usernames will be:
loss of your email accounts
loss of tracker accounts
also loss of your precious and most valuable Twitter account.

There were also redirects and bad scripts involved. (Be sure that you have up-to-date PC security and browser.)

Twitter informs on its site how bad it is and that multiple sites are involved.


Torrent sites aren’t exactly “new”; however, this is one of the first times that we’ve seen an attack that came from this vector. It appears that for a number of years, a person has been creating torrent sites that require a login and password as well as creating forums set up for torrent site usage and then selling these purportedly well-crafted sites and forums to other people innocently looking to start a download site of their very own. However, these sites came with a little extra — security exploits and backdoors throughout the system. This person then waited for the forums and sites to get popular and then used those exploits to get access to the username, email address, and password of every person who had signed up. Additional exploits to gain admin root on forums that weren’t created by this person also appear to have been utilized; in some instances, the exploit involved redirecting attempts to access the forums to another site that would request log-in information. This information was then used to attempt to gain access to third party sites like Twitter. We haven’t identified all of the forums involved (nor is it likely that we’ll be able to, since we don’t have any connection with them), but as a general rule, if you’ve signed up for a torrent forum or torrent site built by a third party, you should probably change your password there.

Conclusion: Armageddon is coming :stupid: at least according to Twitter (looks like a viral advert, but let's say there is a great menace)

Among security mortal sins, a life password and using the same nicks are the worst; usually all other factors are blamed...

sources:
Twitter Status - Reason #4132 for Changing Your Password (http://status.twitter.com/post/367671822/reason-4132-for-changing-your-password)

Torrent Sites Blamed For Twitter Attack | TorrentFreak (http://torrentfreak.com/torrent-sites-blamed-for-twitter-attack-100203/)

FILEnetworks Blog: What’s The Torrent Site Exploit Twitter Is Talking About? (http://filenetworks.blogspot.com/2010/02/whats-torrent-site-exploit-twitter-is.html)

anon
03.02.10, 20:50
Some even use the same passwords for several sites/accounts/services and usernames.

Not me, I use completely different details for every site and keep them encrypted in a KeePass database. Also, there are multiple backups of the database all over my house in the form of flash drives and MicroSD cards. It's the best if you don't want to lose your accounts.

Vation
03.02.10, 20:59
@anon hmm, you made some mods with hex ed and olly, probably use shark to test tracker and peer communication; yes, most probably a life password person :wink2:


It is about average guys. I am always impressed by people's stupidity. A life password is common these days. One database leaks and wow, suddenly a person loses several accounts on several sites. The ones blamed are always bad hackers with unbelievably high skills.

anon
03.02.10, 20:59
@anon hmm, you made some mods with hex ed and olly, probably use shark to test tracker and peer communication; yes, most probably a life password person :wink2:

I didn't use OllyDBG. HxD and smsniff is all you need.
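
The chain this thread describes (one site's database leaks, the same e-mail and password open other accounts, and a taken-over mailbox resets the rest) can be checked against your own account list. This is an added example, not part of the original thread; the account inventory, the `mailbox` field and the function names are constructed for illustration.

```python
# Added example; the inventory below is constructed, not real account data.
# "mailbox" marks an account that IS the inbox for that address (hypothetical field).
ACCOUNTS = [
    {"site": "tracker-a.example", "email": "me@mail.example",  "password": "hunter2"},
    {"site": "tracker-b.example", "email": "me@mail.example",  "password": "hunter2"},
    {"site": "mail.example",      "email": "me@mail.example",  "password": "hunter2",
     "mailbox": "me@mail.example"},
    {"site": "twitter.com",       "email": "me@mail.example",  "password": "Tw-only-7#q"},
    {"site": "forum-c.example",   "email": "alt@mail.example", "password": "x9$Lq-unique"},
]


def blast_radius(accounts, breached_site):
    """Return the other sites lost once breached_site's user table leaks."""
    start = next(a for a in accounts if a["site"] == breached_site)
    leaked = {(start["email"], start["password"])}   # what the dump reveals
    mailboxes = {start["mailbox"]} if "mailbox" in start else set()
    fallen = {breached_site}
    changed = True
    while changed:                                   # repeat until nothing new falls
        changed = False
        for acct in accounts:
            if acct["site"] in fallen:
                continue
            reused = (acct["email"], acct["password"]) in leaked  # same login works
            resettable = acct["email"] in mailboxes               # "forgot password"
            if reused or resettable:
                fallen.add(acct["site"])
                if "mailbox" in acct:
                    mailboxes.add(acct["mailbox"])
                changed = True
    return fallen - {breached_site}


def audit(accounts):
    """Map every site to the sorted list of accounts its breach would cost."""
    return {a["site"]: sorted(blast_radius(accounts, a["site"])) for a in accounts}


if __name__ == "__main__":
    for site, lost in audit(ACCOUNTS).items():
        print(f"{site:20} -> {', '.join(lost) or 'nothing else'}")
```

In the sample, the Twitter password is unique, yet the account still falls when a tracker leaks, because the mailbox shares the tracker password.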