Reputable hacker scraped 6 million Twitter data
Hackers never sleep − our team is convinced of every time new confidential user information leaks into DarkNet.
This week, Twitter is gaining special attention from cybercriminals. A few hours earlier, a highly regarded hacker in the dark world unveiled a database of 6 million user data over 1 GB!
Well, let's figure out together how serious the consequences of scraping can be.
Scraping is a particular type of data retrieval based on collecting and analyzing information from various Internet resources.
The scraping mechanism is described as follows: a specific automated code makes GET requests to the target site and, receiving a response, parses an HTML document, then searches for the data and converts it into a given format.
Image source – applied-r.com
Most of all, hackers are interested in the following data:
- product catalog
- text content
- public contact information − email addresses, phone numbers, etc.
There are many solutions for scraping websites, for example:
- Different services that work through API or have a web interface (Embedly, DiffBot, etc.)
- Open source projects in different programming languages (Goose, Scrapy − Python; Goutte − PHP; Readability, Morph −Ruby, etc.)
Web scraping is one of the most popular ways to hack and steal information, along with phishing and other forms of social engineering.
So what kind of Twitter user data is leaked this time around?
A reputable cybercriminal gained access to:
- name and surname
- profile description
- a list of followers and following
- tweet content
- media files (photo, video, audio)
- location of users
- account verification
- profile and background images
The hacker also provided samples of his find and left a link to download the full database over 1 GB in size.
Having obtained information from open sources and disseminated it across the network, the hacker provided other people with complete information about the affected Twitter users.
I was most upset that it is the verified accounts, which means that any amateur hacker can access phone numbers, email, and other confidential user data through simple manipulations.
The compromised database provides for general use free of charge. Therefore, alas, while we were writing this shocking news for you, user data had already fallen into the wrong hands.
We urge you to be mindful and alert. At a time when hackers rampage on the Internet, it is unacceptable to remain in the dark. We have compiled several recommendations for you, following which you can protect yourself and your data:
- Make your Twitter account private: only accept requests for reading from family and friends. By leaving your account open, you attract the attention of curious hackers who want to take over your information.
- Create a secure backup email and phone number to register on Twitter, or change your primary contacts to spare. This way, you will protect yourself in the event of a hacked account
- Don't post photos of your house on Twitter and try not to demonstrate your social status so as not to cause excessive envy of those who want to cash in on someone else's success
- Don't get involved in conflicts and don't react to provocations ─ do not make enemies for yourself
- Turn on two-factor authentication
Take care of yourself and your data!