Just received this direct message from Oceanicitl on Twitter. It looks like a scam. Has her account been hacked?

Yep, it's definitely a scam, so I can only imagine that her account has been hacked.

Let's hope for her sake that she doesn't use the same username/password on other services, then.

I know I do!

Like err... here for example.

Man the barricades!

Jon

That's a virus, not a hack.

How do you know that?

On a Mac?

She could have been using any machine though.

So either she was using a PC or she is the first victim of a virus infecting OS X in the wild.

He doesn't.

The most likely thing - given Twitter user names are public - is a brute force attack against her account, rather than any sort of hack of a PC. They can brute force her (and probably a lot of other people's) twitter accounts from anywhere using a botnet, rather than having to go to the trouble of hacking a particular PC.

Oddly, something similar happened to me recently. I have a hotmail account that I use very very rarely. It was hacked and a load of spam sent out to various accounts in my contact list. Most of them were defunct, and one of the others was me . MS's official line is that I must have had my computer compromised and my password keylogged. This is odd considering

1) I hadn't used the account in quite some time, so they'd have had to grab my account and then sit on it for months, for no good reason at all.

2) I'm not entirely ignorant of computer security. The PC is use to log in to hotmail is behind a hardware firewall with virtually all ports routed to /dev/null. The PC itself also has a firewall with, again, a very limited number of ports open.

3) My hotmail address is essentially broadcast to the internet, because it's the account I have in anything I send to usenet.

The chances of someone getting into my computer, keylogging it, grabbing the hotmail password, sitting on it for months without using any of the other pieces of info I type in, like the passwords to my online banking and credit card numbers and the like, seems to me to stretch things beyond the bounds of credulity. It seems to me that nabbing my email address off usenet then using a botnet to brute frce the password out of a publicly accessible system is much more straightforward. Occam's razor and all that.

of course, MS/Google/Yahoo etc will never admit that people could have their accounts compromised this easily, because if they do people will abandon them en masse.

Jon

Because it's worded in exactly the same way as a virus I had for MSN, which my housemate downloaded. i don't see why you'd bother hacking someone's account just to propogate a message which is blatant spam, personal fraud yes, not junk mail.

If it was the first Mac virus I think we would have heard a bit more about it in the press.

Oh god those things drive me mad.

They make me laugh too though. At first you see just one person in your contact list with the message "DONT ACCEPT FILES ITS A VIRUS" and then there is a domino effect and before you know it, you are being bombarded by dozens of contacts trying to send you holidaypics.exe or something similar.

You don't bother, it's all automated. Bunches of bots hammer away at a list of MS live/gmail/twitter accounts until they get in then read the contact list, dump the message out and send back the list of addresses in the contact list (which is actually the valuable bit, because they're much more likely to be valid email addresses than just randomly made up ones). Nobody has to actually do anything other than press 'go'. We're talking about thousands of PCs banging away at millions of accounts here. Vast economies of scale. It absolutely wouldn't be worth hacking someone's account to do this, so they're making the computers do what they're very good at - the same thing, over and over again, quickly. You pull a script down off the web, give it the text of a message to send and then upload it to a whole big bunch of computers. You don't even have to have a list of zombies, the script will even download that for you. I've seen these scripts, they're not even very complicated.

Jon

And it is still spamming away. Looks like Caz has taken the day off and is away from her machine(s).

I shall slightly re-word my earlier post: It sounds more like a virus than a hack to me.