I woke up this morning to an unwelcome message from Twitter sent at 3h00 am –
New login to Twitter from Chrome on Windows
from somewhere in Arizona…
Anyone who knows me knows how weird those 2 variables are in my context.
It asked me to reset my password, but I was asleep at the time, so Twitter locked my account. The first thing I did on waking was change my password and check what tweets were sent by the hackers – one tweet with a Rayban advertisement and a whole bunch of offensive direct messages.
I’m careful about my security settings and about having a strong password. I have antivirus on my computer. Evidently not enough. I’m thinking that it was a randomised en masse brute-force attack. The hackers probably do that to see who notices and secures their account, and then continue hacking those who don’t.
If this has happened to you, or to prevent it from happening, check all your Twitter settings, security and otherwise, including:
- Send out an apology to all your followers – if they know you they will know the tweets didn’t come from you, but it’s a good thing to do in any event
- Use a passphrase, preferably a long one, instead of a short password, even one with special characters – build those characters into your passphrase
- Revoke access to all third-party apps – you can always re-enable those you use the most; often some are old and no longer in use
- Check your widgets
- Check your direct messages and delete the offensive ones
- Delete the hacked tweets from your timeline
- Enable login verification
Check every setting!