On further Investigating Security Researcher Janne Ahlberg found that easyJet was not the Only Account hijacked under this Phishing Campaign but verified Account of James Bobo Fay and several other Twitter users were also hijacked for the same. The tweets fired from the hijacked accounts contained shorten URL in the form of tinyurl.com/xxxx which redirected user to a known phishing site kxhtao[.]com which in term had to redirect user to another URL shortener joi[.]nu and then to a phishing website designed to steal victim’s twitter user token. Attackers failed to use the redirect script correctly, as the redirected user from tinyurl landed nowhere or to Google search engine searching for the query. Analysis carried out by Ahlberg shows how the Phishing Campaign was designed to work, The Script used to redirect the Victim also used the link from go.redirectingat[.]com which is used by Skimlinks, a service that helps online publishers to earn money, which gives indication that the Campaign was carried out by the Hackers to Make money. Though this time the hackers failed in there plans, it does not means that they will repeat the mistake everytime, in case you have clicked any such links best way to keep your account secure is to change your password.
