My Twitter account was compromised today. As far as I can tell, and I can’t be one hundred percent certain, it looks like a Twitter app compromised my account. It began posting random tweets that contained provoking text, combined with links to pharmaceutical stores. Apologies to those that think I converted to atheism…
Part of the difficulty in regressing this exploit, is that Twitter no longer allows me to see what app is responsible for posting tweets. Many believe this was done to downplay third party social media apps, and thus, promote the Twitter brand internally. Unfortunately, it also makes it impossible to see if my Twitter password was compromised, let alone which app in particular was compromised.
One idea came to mind; contact Twitter. Acting as a normal person, I went to Twitter’s my-account-was-compromised page. Essentially, Twitter doesn’t care. There is no way to report on the standard form that an app has breached security, unless you know which app specifically. And, of course, you can’t know which app because of Twitter’s own promotion-over-security changes. You’re basically told that if you’ve reset passwords, and disconnected all apps, that all is well.
No, all is not well. Odds are, one of the apps I use is quietly posting spam on thousands of other accounts, right now, this minute. They’re just doing it quietly and at a low enough volume that they are flying under the radar of Twitter security.
I hope that I’m not treated like normal. I hope that Twitter security contacts me out of PR goodwill, and revives my deleted spam tweets and finds out which app compromised my feed. Wouldn’t be surprised if that didn’t happen, either.
The point is that, on some level, Twitter should allow for users to see what apps are posting what on their feed. It’s relevant not just for good social media management, but as I just outlined… Twitter isn’t going to take your call on security, if you can’t figure out which app is making Twitter insecure. And that is a security problem (for Twitter in general) in and of itself.