Infosecurity.US

Be afraid… Be very afraid…

News, yesterday, of evidence pointing to the apparent cracking of Twitter security (again) . This time, a hack of the administrative functions, has surfaced. More information, including a short snippet of the original post, appears after the jump.

From the original Mashable post by Stan Schroeder :”A Look Inside the Twitter Admin Panel“

According to French blog Nowhere Else, someone has been able to access Twitter’s administration area, and they’ve got a bunch of screenshots to prove it.

The URL which leads to Twitter’s admin page is simple enough (and open to everyone): “https://admin.twitter.com/admin/”; of course, without a password you cannot get in, and the source does not disclose the nature of the hack; perhaps someone was able to brute force their way in, or they somehow obtained the username and password from one of Twitter’s real admins.

In any case, the screenshots are quite interesting if you want to find out about the inner workings of Twitter; they could be fake, but they’re quite elaborate and there’s lots of them, so the chances that someone photoshopped them are slim. Check out some of them below – I’ve skipped the ones that display sensitive information on a particular user, but there are several over at the source; one even shows the details about BarackObama’s Twitter account.

*Update: Nowhere Else is currently down, but there’s another source with even more images, located here.

*Update #2: commenter Jack noticed some odd details about the images. For example, the edges of the white area of the panel in some of the screenshots are round only on the left side; on others they’re round on both sides. Administrative interfaces often have small visual glitches like this because they aren’t meant to be seen by the public, so this does not definitively prove the images are fake, but it does increase doubt in their authenticity. We’ve contacted Twitter a while ago and are waiting for the official word until we can claim anything for sure.