Following the massive attack in the form of malicious spam tweets via its services, We Heart It website has been shutdown for a while now.
UPDATE: The website and its iOS and Android apps has come to its normal condition. No official statement released yet!
“We Heart It” is a social network for sharing images collections, which earlier tweeted that it has turned off sharing on and signing-in using Twitter after the massive spam tweets sent referencing the service. But, now the website itself is down.
We Heart It’s official Twitter account tweeted:
We’ve temporarily disabled sign-in and sharing via Twitter while we look into an issue. Please sign-in via email in the meantime.
Many of its users are tweeting about the downtime, where many of them also said that their Android and iOS app isn’t working.
The spam tweets included the phrase “If I didn’t try this my life wouldn’t have changed” followed by a malicious link, which were showing a “Via Weheartit.com” tag in Twitter. Later, similar posts appeared on Twitter, which were referencing Twitter for iPhone. So there are one and more services being affected by the spam posts. Those links, in at least one instance, leads to a website purporting to sell women’s health products.
We Heart It enabled the Twitter sharing in January 2014. May be a security breach from their side is the reason for this large malicious attack.
Meanwhile, Twitter and Bit.ly began to flag those links as potentially malicious. Attackers used Bit.ly to shorten the spam URLs. When we searched the link in Twitter, we found thousands of similar posts on Twitter via different users. It seems those user credentials might have been compromised and then abused by the spammers.
Twitter hasn’t yet released any statements regarding the attack. Stay tuned for more updates on this story.