RealTime IT News

Twitter, Facebook Hit in Denial-of-Service Attacks

Facebook and Twitter down
Social media phenoms Twitter and Facebook this morning suffered bouts of downtime -- with each blaming a denial-of-service (DDoS) attack for its woes.

Officials from the two companies have not said whether the two attacks are related.

Microblogging site Twitter went offline for several hours this morning, and at press time, continues to suffer sporadic page-loading failures. Twitter said on its status page that the site was "back up" as of around 11 a.m. Eastern time, although many users reported seeing much of the site remaining inaccessible for the next few hours.

"We are continuing to defend against and recover from this attack," the company added.

Meanwhile, Facebook users experienced blank pages, slow loading times, and error messages that appeared while trying to navigate the social networking site.

One such error message read: "Transport error (#1001) while retrieving data from endpoint '/ajax/inline.comments.php': A network error occurred. Check that you are connected to the internet."

As Twitter had, Facebook representatives pointed the finger at a DDoS attack.

"Earlier this morning, Facebook encountered network issues related to an apparent distributed denial of service attack, that resulted in degraded service for some users," a Facebook spokesperson told InternetNews.com. "We have restored full access to the site for most users ... We're continuing to monitor the situation to ensure that users have the fast and reliable experience they’ve come to expect from Facebook."

The spokesperson also said that no user data had been at risk during the attack.

Latest knock against Web 2.0 giants

For Twitter, today's denial-of-service attack marks but the latest blow. The site spent much of its early months of service contending with unexpected downtime due to overcapacity and other issues. In more recent months, the company has been wrestling with a growing number of Twitter-spread malware and information-theft attacks.

The site also had to contend with a security breach when internal documents were stolen through a hijacked account and published on the Internet.

Making matters worse today, as the "Denial-of-Service" thread became one of the most popular on Twitter, a number of bots jumped on the trend, spreading spam and pornographic links while tweeting keyword-heavy nonsense.

"Hiroshima AT&T Goodmorning Denial-of-Service Twitter Status Ubertwitter Steven Tyler," one said.

Meanwhile, Facebook has been forced to cope with growing incidents of phishers and malware spreading through the site.

Such problems -- coupled with the lack of control IT admins have over content posted to Twitter, Facebook, and similar sites -- have prompted organizations to reconsider their use of the service. Most recently, the Pentagon on Tuesday began a security review of the threat posted by Facebook and Twitter.

Experts agreed that such sites could pose a risk.

"Popular social networking sites, such as Facebook and Twitter, will always be targets to hackers or spammers and prone to attack, and as such, consumers become more vulnerable and run greater risks of becoming victims of online fraud," Roger Thompson, chief research officer at computer security firm AVG Technologies, said in an e-mail to InternetNews.com.

Thompson added that it was difficult to find a motive for the attack.

"With the eyes of the world's media all trained on Twitter at the moment, those behind this latest attack may be using it as a means of highlighting the vulnerability of the sites we take for granted," he said. "Those who do carry out an attack like this will lose their botnet, showing there is no gain to be had."

Update adds comments from Facebook and Thompson.