(copy-pasted from an IntenseDebate forum topic I created, until I get a chance to write something special)
This morning my Twitter account posted a "Google Wizard" spam message. I have not given out my password to any websites except foursquare (playfoursquare.com) and tweetsum a few times, and my password is fairly complicated (12 characters, capitals, numbers, and symbols).
The spam message that came from my account was: “Today was so exciting! Made $124 in 20 minutes! if ur interested, go read: ***************** ”
Anyway, I did not post this spam message. I’ve been using this as my personal account since May 2007 (3,377 posts) and I am fairly confident (barring any unpublished hacks into tweetsum or foursquare) that my password is secure.
I did not notice this spam message until one of my friends told me about it. I promptly deleted the offending tweet, and changed my password.
As soon as I got a chance, I went to the Twitter support site and reported this, thinking that there could be a vulnerability in Twitter, and I wanted to know if there was anything else I could do to ensure my account was secure. A few minutes after I submitted this help ticket, my account was suspended. I thought I was helping Twitter out by reporting a possible security flaw, but nope, I got suspended 😛 (I put through another help ticket to reinstate my account).
A quick Google search of the URL that was in the spam message shows that it was tweeted by around 100 people today, and of the accounts I looked at, it seems like at least a dozen of them were legitimate accounts (one account being exclusively in Spanish, with this English spam tweet). Also, not all of the accounts with this same message were banned, which reinforces my theory that I got myself banned :P.
I just did some more research, and according to “tweetlists .com” the two most popular URLs posted on Twitter today direct to the same page that my Twitter account linked to.
It seems to me that there are more than a few legitimate people being suspended for this particular spam message, and I can’t find any similarity between the accounts that haven’t been suspended yet.
There is a post about this on a Symantec blog by their “Internet Safety Advocate”. And if you search Twitter for “google wizard” you will see hundreds of accounts of this.
My account is currently suspended. I am trying to get this fixed, and I’ll update this as things happen.
UPDATE 1: July 31, 2009. At least one other user who was “hacked” was using foursquare (playfoursquare.com) (via the Norton community post linked to above). Was foursquare hacked/compromised?
UPDATE: August 06, 2009.
Today my account was reactivated. The first suspension email did say “minimum suspension: 1 week.” They seem to keep to that very strictly, as exactly 7 days after my initial suspension, my account was reactivated. What I did in order to reactivate my account was submit one support ticket on their website, and send an email to suspended -at- twitter.com. Make sure you are very polite in each, and don’t bug them with lots of multiple submissions (what I read shows that they don’t like that).
All of the support tickets I submitted (3 in total: one describing the first spam, one asking to be un-suspended, and the email, which showed up on the website after a day or two) were marked “solved” very quickly, with absolutely no communication. While this is very rude and probably not good support practice (which is another issue entirely), the issue was actually solved, even though I couldn’t find out until the minimum 1 week suspension was finished. I would suggest waiting until the end of your minimum suspension before freaking out again with support :P. Don’t forget to be polite and grateful! They don’t have to unsuspend your account, and I’m sure being the banhammer is not a job where you get very many compliments.