New Delhi, June 12 (IANS) With the Twitter accounts of megastar Amitabh Bachchan and singer Adnan Sami getting hacked, security researchers have warned that users should think twice before clicking on the links received in the Twitter Direct Message (DMs).
While Bachchan's Twitter account was hacked late on Monday, the hackers took control of Sami's Twitter account on Tuesday.
A group that goes by the name "Ayyildiz Tim Turkish Cyber Army" claimed responsibility for hacking both the high-profile accounts.
"Their modus operandi looks like they sending DM (Twitter Direct Message) to the victims Twitter account and if the victim opens the DM (direct message) he/she is directed to a phishing page which looks like a genuine page," Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies Ltd. told IANS.
"If the user fills the login credentials on this page his login information is gone to the hackers who later use it to login and change the original password and take control of the account," he said, adding that there are even other ways a Twitter account can get compromised.
Users with large number of followers should switch on the two-factor authentication for their account, Katkar said.
French security researcher who uses the pseudonym Elliot Alderson pointed to a user who goes by the name Kerem Sah Noyan on Twitter and uses the handle @NoyanAyt2002 as the person behind the hack.
"Few hours ago, the account of @SrBachchan with his 37.4M followers has been hacked. There is a high probability that the hacker is @NoyanAyt2002," Alderson tweeted.
"Guess who is the last person followed by @SrBachchan? Obviously @NoyanAyt2002," he added.
"To sum up: The hacker of @SrBachchan's account is @NoyanAyt2002. He is part of team called "Turkish Cyber Army Ayyildiz Tim". He hacked at least 8 "big" Twitter accounts before that including @dalermehndi, @divyadutta25, @ErosNow, @bmwindia, @dalermehndi, @yanisvaroufakis," Alderson added.
Twitter only contacts users in-app or via an email sent from an @twitter.com email address. The platform never ask users to provide their password via email, Direct Message, or reply.
"All the social media services (Twitter/Instagram/Facebook etc,) have the security and privacy feature of two factor authentication. This will make it difficult for hacker to take control of your social media account," Katkar said.
"I will also recommend everyone to go and read/check/understand all the settings under security and privacy of your social media account. It has lot of features to keep your account safe," he added.
About Gopi
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz