Tuesday, June 27, 2017

55k Twitter accounts leaked


A total of 34.062 unique accounts were leaked, Eset reports. The reporter has cross-referenced the list with the LulzSec leak back in 2011: the accounts that have an e-mail in them seem to have come from the LulzSec leak, but the rest are fresh.

Many more accounts have surfaced on Pastebin in lists containing 10k+ accounts; we are not sure if these two leaks are related or contain the same accounts. We are still not sure who has released these accounts.

There are two kinds of accounts in the list: ones with a user name (e.g. “Hayleyjsvze”), and ones with an e-mail (e.g. “something@hotmail.com”). On Twitter, you can log in with either your user name or your e-mail, so that could be the reason there are two different kinds... or?

Of the 34.062 unique accounts, 25.068 accounts seem to be an e-mail address. Those accounts look “real”. They all seem to have “regular” passwords (easier words, numbers). The rest of the accounts, the ones that aren’t based on an e-mail address, all seem to be spam accounts. They have few, if any, posts and follow many others, but have very few followers of their own. And they all have random 8-character passwords.

Now, looking back to the real accounts, here are some statistics from the e-mails used for the accounts:

Total number of accounts: 34.062
Total number of e-mails: 25.068 (where a few are incorrect, or contain typos)
Domain "hotmail.com": 15,777
Domain "gmail.com": 2,193
Total NOT using ".com": 6,046 (but a handful of invalid e-mails in there too)
Total using ".com.br": 5,736

So, almost 95% of the country-specific e-mails are from Brazil (.com.br)! And of the “55.000” accounts, about 9000 seem to be Twitter spam accounts.
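The breakdown above can be reproduced for any list of login identifiers with a short triage script. This is an added example, not code from the original post: the sample entries are constructed, and the function names `classify` and `summarise` are hypothetical.

```python
from collections import Counter

# Constructed sample identifiers (not taken from any real dump).
SAMPLE = [
    "Hayleyjsvze",            # username-style entry, as in the article's example
    "something@hotmail.com",
    "ana@example.com.br",
    "joao@example.com.br",
    "lee@example.org",
    "user@gmail.com",
    "broken@@hotmail",        # invalid e-mail, kept out of the domain counts
    "Qwzxplmk",
    "SOMETHING@HOTMAIL.COM",  # duplicate once case is normalised
]

def classify(entry):
    """Return ('email', domain), ('invalid', None) or ('username', None).
    An e-mail needs exactly one '@', a local part and a dotted domain."""
    entry = entry.strip().lower()
    if "@" not in entry:
        return "username", None
    local, _, domain = entry.partition("@")
    if not local or "@" in domain or "." not in domain.strip("."):
        return "invalid", None
    return "email", domain

def summarise(entries):
    unique = {e.strip().lower() for e in entries if e.strip()}
    kinds, domains = Counter(), Counter()
    for e in sorted(unique):  # sorted so tie order is stable between runs
        kind, domain = classify(e)
        kinds[kind] += 1
        if domain:
            domains[domain] += 1
    non_com = sum(n for d, n in domains.items() if not d.endswith(".com"))
    com_br = sum(n for d, n in domains.items() if d.endswith(".com.br"))
    return {
        "unique": len(unique),
        "emails": kinds["email"],
        "invalid": kinds["invalid"],
        "usernames": kinds["username"],
        "top_domains": domains.most_common(3),
        "non_com": non_com,
        "com_br": com_br,
        "com_br_share": round(100 * com_br / non_com, 1) if non_com else 0.0,
    }

if __name__ == "__main__":
    for key, value in summarise(SAMPLE).items():
        print(f"{key}: {value}")
```

Unlike the article's "NOT using .com" figure, this sketch leaves invalid addresses out of the domain counts, so the two numbers are not computed identically.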

I think this is probably the result of either a leak of a big Brazilian hacked website, or a Brazil-targeted phishing, combined with 9000 Twitter-spam accounts.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.
