Gawker hack creates Twitter spam storm

Usernames and passwords taken during the Gawker hack has enabled cyber criminals to take over thousands of Twitter accounts

The cyber criminals who accessed usernames and passwords when they hacked gossip blog site Gawker, as reported yesterday on Computing, have now flooded Twitter with a storm of spam.

Registered Gawker users who chose the same account details for both the blog site and Twitter have fallen foul of the hackers. Gawker admitted that 1.3 million account details were compromised during the attack.

In a statement on its site, Gawker said: "You should change your Gawker password and on any other sites on which you've used the same passwords."

A 500MB file containing details stolen during the attack was released on BitTorrent index site Pirate Bay.

This attack appears to be yet another example of "hacktivism", as many hacked Twitter accounts were used to publish messages in support of beleaguered site Wikileaks. Gawker has criticised Wikileaks founder Julian Assange in the past.

Both MasterCard and PayPal have experienced disruptions to their web sites as a result of Wikileaks-related hacktivism in the past two weeks.

Although the passwords were encrypted when stolen by hackers, many were extremely easy to crack, proving that internet users are slow to follow advice from cyber security professionals.

The Wall Street Journal published a list of the top passwords published online by the hackers. The first and second were "123456" and "password" with just over 3,000 and 2,000 instances respectively.