My Twitter account was hacked yesterday. It started sending out the ‘This You..??’ Direct Message to people I’m following.
The DM has a link and, out of curiosity (and with bated breath), I decided to see where it went.
I closed everything else down so I could invoke AVG quickly and get rid of nasties if I needed to, clicked the link and …
… ended up on a completely blank page.
Why on earth would someone go to the trouble of hacking an account and spamming DMs with a link, only to send people to a completely blank page?
Maybe they were being altruistic. Giving me a gentle nudge, and telling me it was time to change my passwords.
So anyway, I clearly need to sort things out but I’m not an expert on Twitter. If someone hacks any of my WordPress or static sites I can be back up and running in a flash.
But Twitter – hmmm.
Luckily @jchronowski47, who kindly let me know that I was spamming all these DMs, also gave me some guidance on what to do and where to look.
So here (with @jchronowski47’s guidance) is what I did:
- Changed my Twitter password. (I’m ashamed to say it’s the first time I’ve changed it since I set up my Twitter account, so being hacked probably served me right)
- Went to my Settings > Connections screen in Twitter and revoked the access rights of all the applications that accessed my account. (There were 5 of them)
- Went to each of those applications, logged in and removed the links to Twitter. In some I had to delete the Twitter reference, in others I could simply deactivate the link.
- After removing the links to Twitter I changed the passwords on each of those sites and logged out.
- After changing those passwords I logged back into Twitter.
- After logging back into Twitter, I then logged back into 3 of the applications in turn (using the new password) and reactivated/re-authorised the link to Twitter. The other two applications I no longer use so I didn’t reactivate them.
Since then I’ve kept a close watch on my outgoing DMs and, so far, so good.
I’ve no idea how the hackers got hold of my password. But, as I’ve written in articles on WordPress security, there are any number of ways.
So, following the principles I wrote about here, I ran Malwarebytes and AVG to check for any nasties on my machine and then changed the passwords of my other important sites (my online banking and so forth).
So hopefully I’m now clean again – but I’m keeping a close eye out 🙂