Twitter hit by massive wave of malicious messages

Messages sent by hundreds of accounts testify to dramatic weight loss and link to the same suspicious site peddling diet pills.

Steven Musil, Night Editor / News

Image caption: Twitter users attempting to click on any one of hundreds of messages advertising dramatic life or weight changes are receiving this warning instead. (Credit: Twitter)

Hundreds of Twitter accounts appear to have been hijacked Wednesday to deliver a tidal wave of malicious messages.

The attack, which seems to have begun at about 2 p.m. PT, featured messages testifying to dramatic weight loss and life-changing events, such as, "If I didn't try this my life wouldn't have changed." An accompanying link led to a Women's Health magazine spoof site promoting a "miracle pill" for weight loss.

It wasn't immediately clear if the page was trying to install malware or perform some other nefarious task, but Twitter wasn't taking any chances, warning readers that the link had been flagged as potentially harmful.

The source of the attack wasn't immediately clear either. The attack appeared to be related to security breaches at third-party sites and apps, according to Ars Technica's Dan Goodin. He noted that early versions of the messages included the tag "via weheartit.com," leading to speculation that the accounts had some connection to the social network.

We Heart It told Ars Technica that it had identified malicious activity on the network and was investigating. The social network announced in a tweet that it had temporarily disabled sign-in and sharing via Twitter.

CNET has contacted Twitter for more information on the messages and will update this report when we learn more.

The attack appears similar to one that hit thousands of Hootsuite accounts last September and featured the same diet product. The popular platform for social-media management said that about 7,000 accounts, less than .01 percent of its user base, were affected by unauthorized access through a third party using OAuth, an authentication mechanism that allows third-party access without sharing login credentials.