New App Lets Spammers Target Twitter

By ABC News
February 5, 2009, 12:38 PM

Twitter may not be making any money yet, but that hasn't stopped spammers from trying to benefit from the micro-blogging service. In fact, a new software tool, called Tweet Tornado, has the unfortunate potential to be a real game changer. Launched last week, TT is designed to help spammers and malware distributors get the most out of their Twit-based offenses.

The program, which currently costs $150, allows you to create unlimited Twitter accounts, add an unlimited number of followers and send identical updates to multiple accounts through proxy servers. Clearly, this software is designed for one purpose and one purpose only: deliver unwanted messages to unsuspecting Twitter users.

Twitter's Achilles heel

Unlike many other online services, Twitter does not require a new user to verify their membership with a valid e-mail address. You need to provide an e-mail at sign-up and fill out a CAPTCHA box, but these obstacles are more easily overcome, as Tweet Tornado points out in its introductory video. So a crafty spammer using TT could easily create numerous phony Twitter profiles in minutes, with no real way to make sure the new Tweeter is a real person and not some kind of spam king.

However, distributing spam across the Twit-o-sphere is harder to do than it is with e-mail. To get the unwanted messages, a Twitter user would have to opt-in to get updates from a bogus profile. Tweet Tornado suggests you can overcome this problem by using a "hot chick" for your profile pic, but it seems to me it would still be difficult to dupe the tweeting masses. Wouldn't it?

Maybe not

A "proof of concept" profile, created by Tweet Tornado and uncovered by ZDNet, shows how well the product works. The bogus AarensAbritta--who seems to be a very hot chick by the way--gained over 400 followers in just a few hours. That may not seem like much, but if you gain 400 followers each across multiple profiles it's not hard to see how things could get out of hand.

Hats off to Twitter, though, for shutting down the bogus account in just a few hours. Without any kind of validation service, Twitter's oversight is really the only defense it has against micro-spam. If Twitter continues to grow in popularity, hopefully the company will employ different identity verification systems to block spammers from the service. Until that time, however, Twitter has the potential to grow into a spamming haven. So the next time a hot chick with an exotic name starts following you on Twitter, think twice before reciprocating.