Buffer hacked! Spam sent from Twitter and Facebook users’ accounts

Graham Cluley
Graham Cluley
@[email protected]

BufferBad news for social media lovers today, as Buffer – a service which can schedule your tweets and Facebook posts – has been hacked by spammers.

Buffer has sent an email warning to its users, warning that its systems were compromised by hackers who have posted spam messages from customers’ Twitter and Facebook pages.

According to the Buffer website, over one million people use their service to share messages on Twitter, Facebook and other social media sites at the best time of day for maximising engagement.

The good news is that passwords have, apparently, not been compromised – and the hackers did not gain access to billing or payment information.

Sign up to our free newsletter.
Security news, advice, and tips.

However, the fact that spam messages have been sent via the service through users’ social media accounts is clearly damaging.

Here’s an example of one of the spam messages that was sent, promoting a miracle diet:

Spam message sent via Buffer hack

Joel Gascoigne, the founder of Buffer, apologised for the inconvenience in a warning email to users – advising them to check their social media accounts for posted messages that looked like spam.

Buffer hacked

I wanted to get in touch to apologize for the awful experience we’ve caused many of you on your weekend. Buffer was hacked around 1 hour ago, and many of you may have experienced spam posts sent from you via Buffer. I can only understand how angry and disappointed you must be right now.

Not everyone who has signed up for Buffer has been affected, but you may want to check on your accounts. We’re working hard to fix this problem right now and we’re expecting to have everything back to normal shortly.

We’re posting continual updates on the Buffer Facebook page and the Buffer Twitter page to keep you in the loop on everything.

The best steps for you to take right now and important information for you:

* Remove any postings from your Facebook page or Twitter page that look like spam
* Keep an eye on Buffer’s Twitter page and Facebook page
* Your Buffer passwords are not affected
* No billing or payment information was affected or exposed
* All Facebook posts sent via Buffer have been temporarily hidden and will reappear once we’ve resolved this situation

Earlier, Buffer’s Facebook page advised users to change their passwords or disconnect the Buffer Facebook app from their accounts – as a means of preventing further spam posts from being made.

Buffer posts an update on the incident on Facebook

Of course, spammers will do anything they can to increase the number of people they can get to click on their links – and if they manage to send messages using the Facebook or Twitter account of a legitimate user, they know that friends and family are much more likely to click on the link, believing it to be legitimate.

Furthermore, it’s easy to imagine how the messages could be used for the purposes of phishing or spreading malware.

Although Buffer appears to have the situation under control, and more spam messages shouldn’t be sent, you may still wish to revoke access by the Buffer service to your Twitter and Facebook accounts until the all-clear is given.

Little is known so far about how the hackers managed to compromise Buffer, and one hopes that the site will quickly shut down any security weaknesses. One has to feel some sympathy for the firm, which has fallen victim to a criminal act.

But you have to feel even sorrier for the social media users who have had their timelines and newsfeeds sullied by the spam messages sent by the hackers.

If you are on Facebook, and want to be kept updated with news about security and privacy risks, and tips on how to protect yourself online, join the Graham Cluley Security News Facebook page.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.