Buffer spam-and-hack attack resolved, new security layers instituted

Oct 27, 2013
1
Buffer spam-and-hack attack resolved, new security layers instituted

Buffer, an app that lets users schedule and post Facebook, Twitter and Google+ updates, is now back up and running after a two-day hack-and-spam ordeal. Buffer was hacked yesterday, sending out third-party spam to thousands of Buffer users' Facebook pages. The company has cleaned up the mess for the most part and instituted new security measures to prevent future blowouts.

Thirty thousand--6.3%--of the 476,343 Facebook users who use Buffer to post to their pages were affected by the spam attack. This social media SNAFU started yesterday morning when users started reporting to Facebook and Buffer that their accounts were posting weight-loss-themed spam. That's not exactly gasp-inducing subject matter, but the URL to which the link pointed may have been rigged with a minor virus, reported PCMag.

"I wanted to post a quick update and apologize for the awful experience we’ve caused many of you on your weekend," posted Buffer CEO Joel Gascoigne after the attack became apparent. "Buffer was hacked around 2 hours ago, and many of you may have experienced spam posts sent from you via Buffer. I can only understand how angry and disappointed you must be right now."

The company kept users updated via that same post as to what it was doing to solve the problem. It froze all posting for a time, unfroze the app for Twitter, and instituted additional security layers with the various social networks' authentication services. By 3:00 p.m. today, the app was back up and running for all services.

SOURCE: Buffer


Must Read Bits & Bytes