Twitter Reveals Scam Details

Twitter has revealed the back story on why it reset passwords this week for many of its users. The phishing attacks that forced Twitter to change account passwords stemmed from discovery of a scam being run by a torrent Web site creator, explained Del Harvey, Twitter's director of trust and safety, in a blog post Tuesday evening. Twitter had found that someone for the past few years had been building torrent sites and forums requiring a log-in and password. This person then sold these Web sites and forums to people interested in starting their own torrent download sites. Unknown to the buyers, these sites actually contained security holes that allowed the cybercrook to gain access to the buyers' log-in information for sites like Twitter. This was done by grabbing log-in attempts to the forums and redirecting them to third-party Web sites where the criminals could capture a user's credentials. "These sites came with a little extra--security exploits and backdoors throughout the system," Harvey said. "This person then waited for the forums and sites to get popular and then used those exploits to get access to the username, email address, and password of every person who had signed up." A red flag was first raised on Twitter's end when it noticed an abnormally high number of followers for certain accounts. This prompted the company to investigate and eventually reset the passwords for anyone following those suspicious accounts. Twitter noted that although torrent sites have been around a while, this is the first time it's seen an attack using this angle. "While not all users who were sent a password reset request fall into this category, we felt that it was important to put this knowledge out there so that users would know of the possibility of compromise of their data by a third party unrelated to their Twitter account," Harvey said. Twitter advises people who have signed up for third-party torrent accounts to change their passwords at those sites and to refrain from using the same password at multiple sites. More tips on safe tweeting can be found on Twitter's help pages.

Toyota Sued For Fatal Crash

A lawsuit filed in California on Thursday alleges that a fatal crash in which a Toyota Camry accelerated out of control was caused by faulty electronics. The lawsuit is centered on Toyota's "drive by wire" system, which is the technology underlying the electronic throttle control, the alleged cause of the uncontrolled acceleration cited in the lawsuit. That is a separate issue from the mechanical accelerator pedal problems that Toyota is addressing with its massive recall. The suit claims that the crash killed Upland, Calif., resident Noriko Uno, 66, when her Camry suddenly accelerated to 100 miles per hour. After weaving to avoid hitting other drivers, the car hit a curb, sending it into the air, and then, finally, into a tree, according to a Reuters report. Drive by wire replaces traditional mechanical and hydraulic control systems with electronic control systems. While drive by wire allows for a more refined, computer-controlled acceleration, it has also introduced a new set of hard-to-trace problems. Toyota would not comment on the suit. More generally, the company is saying, at least publicly, that it has found no evidence of electronic problems. John Hanson, national manager of environmental safety and quality in Toyota's communications group, when contacted Friday, stood by a statement he made earlier this week to CNET. "We have not found any evidence of an electronic problem that would have led to unwanted acceleration. That doesn't mean that we've written it off. We are aggressively investigating any claims," he said. The case is similar to a longstanding allegation made by Jordan Ziprin of Phoenix. In a well-documented case detailed in a petition to the National Highway Transportation Safety Administration (NHTSA), Ziprin claims that, in 2005, when backing out of a driveway near his home, his 2002 Toyota Camry XLE suddenly accelerated and slammed into a utility box. He has also claimed this was due to a faulty electronic throttle system. Toyota has recalled approximately 8 million vehicles worldwide, including more than 2 million in the U.S., because of mechanical glitches with its accelerator pedals. Uno's family members said that they hope their lawsuit will force Toyota to widen its recall to include all models equipped with an electronic throttle and "to retrofit those automobiles with a brake override system," according to Reuters. Garo Mardirossian, a lawyer for the Uno family, said Toyota's recall should cover model years 2002 through 2006, according to the Reuters report. He added that Toyota and the National Highway Traffic Safety Administration had knowledge of 389 complaints of out-of-control acceleration in those model years.