Ashton Kutcher (@aplusk) was attending the TED Conference and it looks like someone may have run Firesheep against him to hijack his Twitter account. Two tweets were made by the hijacker:
Ashton, you’ve been Punk’d. This account is not secure. Dude, where’s my SSL?
Followed about 20 minutes later with:
P.S. This is for those young protesters around the world who deserve not to have their Facebook & Twitter accounts hacked like this.Â #SSL
It looks like the tweets are still in his feed, including a “kudos” to the people responsible. The cool thing is that a lot of mainstream media/entertainment/news outlets are covering this, so perhaps this is anÂ opportunityÂ to bring the issue of HTTP Strict Transport Security (HSTS) to wider attention. Or maybe more people will download HTTPS Everywhere.Â OK, maybe those are long shots, but maybe we could get a Public Service Announcement with Ashton and Demi Moore?
More importantly, maybe a high profile attack like this will get the attention of Twitter and Facebook.