Spammers attack Sh*t My Dad Says

10 Nov 2010

Spammers have broken into the account of Twitter phenomenon Sh*t My Dad Says, posting a message to its 1.8 million followers.

The tweet had said “wow I just got a free dell laptop LOL.” It contained a shortened link to a “make-money-fast” website.

The Twitter feed, started by comedy writer Justin Halpern, contained outlandish quotes made by Halpern’s father.

The account was retweeted and, in a short space of time, gained a huge following. It was mentioned on The Daily Show and Forgetting Sarah Marshall. It spawned a book and a television series on CBS.

Graham Cluley, senior technology consultant at Sophos, noted that while many Twitter accounts of well-known figures, such as singer Axl Rose, and organisations, such as The New York Times, have been broken into before, “it’s serious when such a popular Twitter account has its security breached.”

“In theory, malicious hackers could have posted a link to malware or a phishing site – rather than just what appears to be a more traditional spam page,” said Cluley.

“It’s unclear on this occasion whether the Twitter password was phished, whether it was cracked through a dictionary attack or spyware, or whether the person behind Sh*t My Dad Says made the mistake of using the same password on multiple websites.

“Computer users should always choose a hard-to-guess non-dictionary word as a Twitter password, and never use the same password on multiple websites,” he said.

Halpern has deleted the tweet and apologised to his followers.