A hacker has broken into Britney Spears' Twitter account and
posted a tweet announcing that she is dead.
The hacker posted the message: "Britney has passed today. It is
a sad day for everyone. More news to come."
A message has since been posted saying that the tweet is not
true.
Graham Cluley, at security supplier Sophos,
said in his blog that the fake message was sent to Britney's
followers on Twitter via TwitPic.
"Interestingly, the fake story of Britney's death was posted to
her Twitter followers via the TwitPic service, which automatically
forwards messages to the associated Twitter account. There are a
number of ways in which you can post a message on TwitPic - which
is then echoed on Twitter - including logging on to the service or
sending a picture to a unique e-mail address," said Cluley.
"It is possible that last method of updating TwitPic may be the
prime suspect in this case, as the service just tweeted that they
have fixed a vulnerability with their e-mail posting
functionality."
He said TwitPic relies on a four-digit Pin that could be cracked
through a brute force attack.