Acai Berry spam attack on Twitter linked to Gawker hack

Hundreds of thousands of Gawker users see account info compromised

A deluge of spam advertising acai berry diets is leaving a bitter taste in the mouths of Twitter users this morning while being linked to a devastating hacker attack yesterday on Gawker Media that compromised account information belonging to hundreds of thousands of readers.

Among the Gawker sites affected are Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin and Fleshbot. Anyone who has registered at those sites is being urged to change their password, and, if using the same login info elsewhere, change that as well.

A group going by the name "Gnosis" has claimed responsibility for compromising Gawker's servers, temporarily downing its sites on Sunday, and making available on peer-to-peer networks account information of some 200,000 readers and Gawker employees. (Update: Some media reports put the number of accounts at more than a million.)

From an IDG News Service story on our site:

In the torrent release notes, Gnosis said "So, here we are again with a monster release of ownage and data droppage. Previous attacks against the target were mocked, so we came along and raised the bar a little."

The stored passwords were encrypted although Gnosis said some of the passwords have already been cracked.

"We're deeply embarrassed by this breach," Gawker said on its website. "We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems."

It wasn't long after the Gawker hack that the Twitter spam storm erupted. Wrote Mashable last night:

The attack is spreading at a rapid pace - within a minute, more than 10,000 tweets related to the attack have popped up on the microblogging service. These tweets link to domains containing "acainews." We recommend that you don't click these links.

Del Harvey, leader of Twitter's Trust and Safety team, connected the dots in a tweet reading:

Got a Gawker acct that shares a PW w/your Twitter acct? Change your Twitter PW. A current attack appears to be due to the Gawker compromise.

How exactly the spam is spreading is unclear, although Graham Cluley, senior technology consultant at security vendor Sophos, has more details about it here.

And Twitter's Harvey offered up a bit of advice that is being echoed by security experts this morning: "This is an excellent reason to use different passwords on different sites."

Welcome regulars and passersby. Here are a few more recent Buzzblog items. And, if you'd like to receive Buzzblog via e-mail newsletter, here's where to sign up. Follow me on Twitter here.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2010 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)