Just trying to get the word out. For the last couple of days, people have been getting their Twitter accounts hijacked via OAuth, causing them to send out spam DMs and tweets. It seems to be more than just the spam links causing it, though. One VERY security-savvy person I know got hit, and another who left twitter was bitten as well. As such, be VERY careful if you use Twitter.
If you ARE bitten, you need to do this:
1) Go to the website and click the cog to get to your settings.
2) Click "Apps", then use the "Revoke Access" buttons to clear out ALL of your OAuth tokens.
3) Change your password.
You'll have to reauthorize any applications you use (this includes reauthorizing InkBunny), but it's pretty much the only way to clear it out that anyone knows of. Simply changing your password alone won't help.
6 years, 2 months ago
23 Sep 2012 00:40 CEST