Users of Pinterest have reported widespread account takeovers which then spam images into adjoining social networks. Twitter and Facebook have been hit by spammed images from Pinterest for the last few days. As of Wednesday, Pinterest had removed many of the offending images, though some could still be viewed on the network.
Some example twitter posts emanating from the hack are shown below with the @names removed for privacy.
Some of the posts appear to be advertisng work-at-home schemes which pay people to fill out online surveys. Pinterest has over 20 million users and it is unclear how many were effected at this point. Also unclear is how the compromise happened but it is likely to be a browser based exploit which then takes control of the users HTTP session.
Find the right infosec staff to protect your company with Tiro Security, a specialist provider of IT Security jobs located in the heart of Silicon Beach in Los Angeles, California.