Twitter Hacked, 250,000 Email and Password Compromised

If you find that your Twitter password doesn't work the next time you try to login, you won't be alone. The service was busy resetting passwords and revoking cookies on Friday, following an online attack that may have leaked the account data of approximately 250,000 users.

"This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data," Bob Lord, Twitter's director of information security, writes in a blog post.

According to Lord, Twitter was able to shut down the attack within moments of discovering it, but not before the attackers were able to make off with what he calls "limited user information," including usernames, email addresses, session tokens, and the encrypted and salted versions of passwords.

The encryption on such passwords is generally difficult to crack – but it's not impossible, particularly if the attacker is familiar with the algorithm used to encrypt them.

As a precaution, Lord says Twitter has reset the passwords of all 250,000 affected accounts – which, he observes, is just "a small percentage" of the more than 140 million Twitter users worldwide.

If yours is one of the accounts involved, you'll need to enter a new password the next time you login. Lord reminds all Twitter users to choose strong passwords – he recommends 10 or more characters, with a mix of letters, numbers, and symbols – because simpler passwords are easier to guess using brute-force methods. In addition, he recommends against using the same password on multiple sites.

Lord says Twitter's investigation is ongoing, and that it's taking the matter extremely seriously, particularly in light of recent attacks experienced by The New York Times and The Wall Street Journal:

This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked. For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.

Although the attack took place this week, it seems to have no relationship to the outage that took Twitter offline for several hours on Thursday. On the other hand, however, Lord's post does make rather cryptic mention of the US Department of Homeland Security's recent recommendation that users disable the Java plug-in in their browsers. He mentions Java twice, in fact.

While it's true that the Java plug-in contains multiple known vulnerabilities and that numerous security experts have warned that it should be considered unsafe, the connection between Java and the attack Twitter experienced isn't clear and twitter is yet to respond to our request for clarification.

Android Botnet Infects Over 1 Million Phones in China

A piece of mobile malware believed to be hidden in around 7,000 Android applications has infected the devices of over 1 million users from China. Experts say that this may be the largest Android botnet the country has ever seen.

According to Chinese publication Xinhua, the Trojan that powers the botnet is Android.Troj.mdk, a threat first discovered back in 2011.

Once it’s installed on a device, the Trojan allows its master to take complete control of it. The malicious element can be used to harvest messages, phone numbers, contact details, geo-location data and even media files.

Bitdefender experts note that the Trojan also downloads additional applications that slow down the phone’s performance, generate aggressive adware, and drain the device’s battery.

With over 420 million mobile users, China has become an important target for malware developers.

Chinese government blocks Google.com, Gmail, Google+, Maps, Docs, Analytics, Drive, more

Google has experienced a precipitous drop in traffic from China, which a Web-monitoring group attributed to the search engine being "blocked" by the government.

Data provided by Google's Transparency Report shows a sharp drop off in traffic -- to roughly half the normal amount -- to Google's Web sites as of early this morning California time.

GreatFire.org, which performs real-time monitoring, suggested that the drop meant the Chinese government is "one step closer to fully separating the Chinanet from the Internet."

It wasn't immediately clear whether the block was intended to be long-lasting, or whether it's been lifted and Chinese Internet users will be able to connect to Google when they wake up. It's 3:50 a.m. in Beijing right now.

Google has been wrestling with censorship in China for more than half a decade. In April, Google Drive was blocked. Even after switching to a Hong Kong domain in 2010, sensitive topics remained off-limits.

Google has issued our representatives a statement today saying: "We've checked and there's nothing wrong on our end."