Thousands of Twitter accounts wide open after TweetGif hack

Part of a database containing the credentials for more than 8,000 Twitter accounts, apparently obtained from the TweetGif image hosting service, is currently circulating online. The extract contains access tokens and the associated access token secrets which can be used to access users’ Twitter accounts.

Users log into the third-party TweetGif app using their Twitter account, and Twitter then provides TweetGif with an access token. This token allows TweetGif to access the user’s Twitter account in perpetuity without having to request permission each time it wishes to do so.

The tokens remain valid even when the account password is changed. As a precautionary measure, anyone who has used TweetGif in the past is advised to revoke the service’s access rights under Settings ➤ Apps on twitter.com. The LulzSecReborn Hacker group has already claimed responsibility for leaking the user data. The group was also responsible for publishing data from the MilitarySingles.com e-dating web site and from security services provider CSS Corp earlier this year.

demostrates how to use twitter to build password cracking wordlist , click here to view!

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s