If you needed another reason to be cautious about providing log-in credentials from your most personal and sacred accounts into an unconfirmed third-party app, here’s one. An app called TweetGif, which allowed users to share animated .gif images but only if they provided their Twitter username and password, has been revealed to be nothing more than a phishing scheme.
Now, around 10,000 Twitter credentials have been leaked, with seemingly no targeted purpose other than proof of concept. Taking credit for the hack-friendly app is LulzSec Reborn, a group that aims to capitalize on the once dominant hacking group LulzSec, which disbanded last year after a flurry of attacks on large companies, government entities throughout the planet, and law enforcement agencies.
The infamous ‘LulzSec’ name came back into the spotlight in March, when the so-called LulzSec Reborn project was introduced. During that same month, the FBI arrested multiple members of the LulzSec family after it managed to secure the identity of its ring leader, knwon as Sabu. It is unclear whether or not LulzSec Reborn actually contains any members of the original LulzSec, and in fact there are claims that it is a completely new group of people.
[via PC Mag]