Sponsored by..

Showing posts with label Twitter. Show all posts
Showing posts with label Twitter. Show all posts

Tuesday 19 January 2016

OMG: Twitter down.. "Something is technically wrong"

Twitter has been down for at least an hour. It feels like losing a limb. OK. Maybe not. A metaphorical limb. Please don't offer to come round to remove one just so I can compare.


Friday 27 April 2012

Twitter spam / medsdose.com

This fake Twitter spam leads to a fake pharmacy at medsdose.com but it could easily be adapted for malware.

Date:      Thu, 26 Apr 2012 19:43:05 +0000
From:      Twitter [c-nfxzlxr=znvy-ba.hf-ae0dc@postmaster.twitler.com]
To:      xxxx@xxxx.com
Subject:      Unusual activity with your account!

Hi, xxxx@xxxx.com

Our system detected unusual activity associated with your account.

Your account may be temporarily suspended for violations of the Twitter Rules.

We suspend accounts for investigation if we suspect an account has been hacked or compromised.

You need to confirm your email address to regain access to your account.

Once you regain access, you will be able to request a new password for your Twitter account.

You can find information on following automations and permitted following behaviors on the help page:

https://support.twitter.com/

The Twitter Team

Please do not reply to this message; it was sent from an unmonitored email address. This message is a service email related to your use of Twitter. For general inquiries or to request support with your Twitter account, please visit us at Twitter Support.

medsdose.com is hosted on 95.168.193.182 in the Czech Republic, this IP is used for several fake pharma sites and can be safely blocked.

Friday 23 April 2010

"Twitter Support" phish

This phish claims to be from Twitter, but it actually redirects to a fake site at adcopy.awbweb.com/differential.html hosted on 216.81.74.9 which appears to be a legitimate site that has been hijacked.

From: Twitter Support <support@twitter.com;>
Subject: Undelivered Message 52-629

Hi,

You have 1 unread message(s)
http://twitter.com/account/message/0C5B9-C2FEF

The Twitter Team

Please do not reply to this message; it was sent from an unmonitored email address. This message is a service email related to your use of Twitter. For general inquiries or to request support with your Twitter account, please visit us at Twitter Support.

Thursday 5 November 2009

BBC websites down - possible DDOS attack?

The BBC's websites (e.g. news.bbc.co.uk and www.bbc.co.uk) are either down or very slow to respond from multiple ISPs and countries. It feels like a DDOS attack, but I cannot confirm it.

It's not trending on Twitter yet, but you can see that it's a widespread issue in real time. The BBC was subject to a major DDOS attack almost exactly a year ago.


Update: the BBC have a statement blaming "network problems" here. Perhaps they should be blaming Siemens?

Sunday 12 April 2009

"Mikeyy Mooney" / StalkDaily.com - someone is lying

The rules of spam are a semi-humorous and semi-serious look at the behavior of spammers.

Well, one hot spam topic is the recent StalkDaily.com XSS attack on Twitter. This cross-site attack basically spams out ads via a victim's contact list, and although it is arguable if this is "hacking", it certainly is spamming.

So, let's look at the "rules of spam" and how they apply in this case.

Rule #0: Spam is theft.
Using Twitter's services to send spam is theft. But perhaps the main financial cost to Twitter is that this kind of rubbish will put people of using the service. Of course, Twitter doesn't actually seem to make any money, but that's another issue..

Rule #1: Spammers lie.
So, when the spam attack took place, some people must have started to make complaints about StalkDaily.com, a domain registered on 22nd March to an anonymous registrant. The owner of StalkDaily.com responded as follows:

For everyone wondering, I did NOT promote and/or was involved with the spamming ON Twitter. All bad things you are hearing about this site is not true. Please reconsider as I am not the person who did this.
So, that clearly states that StalkDaily.com is not behind the XSS attack. So what's going on? Is it a Joe Job? Here's the odd thing.. Joe Jobs normally target established sites (not one less than a month old), and why waste an XSS exploit like this on a Joe Job when Twitter will probably close it?

We didn't have to wait long for an answer:

I have came clean and have accepted the responsibility for the worm, read the interview here, http://www.bnonews.com/news/242.html.

That's kind of 100% different from the last denial. The operator of StalkDaily.com is clearly lying about something, perhaps everything.

Rule #2: If a spammer seems to be telling the truth, see Rule #1.
As we have discovered, StalkDaily.com's denial was proved to be a lie. Or perhaps there denial is a lie. In any case, you should not do business with liars or spammers.

Rule #3: Spammers are stupid.
And this dude is as stupid as they get. Sure, stupid in a very smart kind of way.. but the kind of stupid that doesn't thing what the consequences might be.

Rule #4: The natural course of a spamming business is to go bankrupt.
I can hear the sound of Twitter lawyering up. Hahahah.


The StalkDaily.com website points to a pseudo-news article at BNOnews fingering someone called "Mikeyy Mooney". And there's a large collection of material relating to "Mikeyy Mooney" at sqworl. But is it really "Mikeyy Mooney"? The admission itself comes from whoever operaters StalkDaily.com.. and we have already established that they are a liar. The sqworl documents point to someone in Louisiana.. the BNOnews article says New York. Last time I looked at a map, these were two different places.

Perhaps a closer look at StalkDaily.com's server might be interesting. 74.200.253.195 hosts the following domains:

  • Haxyou.com
  • Michangelomooney.com
  • Stalkdaily.com
Wait.. Michangelo? Is this guy a teenage mutant ninja turtle?

Most of these sites have anonymous WHOIS details, except for Haxyou.com which is registered to some guy called Ryan who appears to be a distinctly different biological entity.

This is the bottom line - the operator of StalkDaily.com is a liar. They may even be lying that they are "Mikeyy Mooney." Perhaps Twitter can do us all a favour and subpoena the domain records before suing this idiot into the ground.