Warning out vs rogue Twitter app


Twitter users, beware. A rogue app making the rounds of the micro-blogging site threatens to hijack the accounts of victims who grant it access.

Online security firm Sophos said the "TimeSpentHere" app exploits Twitter users' curiosity by claiming it can help them see how many hours they have spent tweeting.

"The app is called TimeSpentHere, and it can only cause a problem for you if you grant it permission to access your Twitter account. If you do, then it will be able to read your Tweets, post in your name, and even change your profile. I'm sure you can imagine the potential for abuse there," Sophos senior technology consultant Graham Cluley said in a blog post.

As of Thursday morning, however, Cluley said that Del Harvey of Twitter's security team had informed him the TimeSpentHere rogue application "has now been killed off."

Cluley said potential victims may get hooked by the rogue app when they see messages like "WOW --> I have spent 38.1 hours on Twitter! See how much you have: [LINK]."

Victims can be fooled into authorizing the app since many of the messages supposedly came from their Twitter friends. Upon clicking on the link, they will be asked to authorize a third-party app's request to access their Twitter account.

"Of course, the very first thing it will do is post a tweet in your name, encouraging your Twitter followers to also click on the link," Cluley said.

It will also take the victim's browser to a webpage of the bad guys' own creation, he added.

Cluley said that when he tested the scam on a test account, the webpage was reluctant to tell him how many hours he had spent on Twitter.

"(But it) had no qualms in dreaming up an imaginary number to tweet in the hope that it could tempt unsuspecting onlookers," he said.

He also noted the creators of the app would ask the victim to enter his or her email address "as a security precaution."

"Possibly this is an attempt to harvest email addresses, which could be used later for a phishing campaign or malware attack," he said.

"If you were unfortunate enough to grant a rogue application access to your Twitter account, revoke its rights immediately by going to the Twitter website and visiting Settings/Applications (it used to be called Settings/Connections but it seems that Twitter has changed it) and revoking the offending app's rights," he advised.

— TJD, GMA News