CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
June 2nd, 2009

Twitter Users Hit Once Again, This Time With Rogue Anti-virus Scam

Twitter users over the weekend were the target of a scam that tried to infect them with rogue anti-virus software and other malware, in what is one of the first times the micro-blogging site has been hit by a known for-profit attack, a security researcher said.

The problem started after a flurry of tweets directed users to a website promising “Best Video.” The site appeared to offer content from YouTube, but behind the scenes, the site delivered a PDF document designed to infect those using vulnerable versions of Adobe’s Reader program. Victims then received an urgent warning that their systems were infected and needed to cleaned using fraudulent security software. The scam promoted a piece of rogue anti-virus software dubbed “System Security.”

“This attack is very significant,” Kaspersky researcher Roel Schouwenberg says. “It would seem that at least one criminal group is now exploring the distribution of for-profit on Twitter. If the trends we’ve seen on other social platforms are any indicator for Twitter then we can only expect an increase in attacks.”

Twitter representatives said Saturday they had contained the problem after temporarily suspending accounts that had been compromised. No confidential information was intercepted, they added.

The high volume of posts on Twitter that encourage readers to follow obscured links to audio, video, and other content has created a click-first-ask-questions-later culture on the micro-blogging site that’s ideal for drive-by attacks. And yet, this weekend’s attack is one of the few to target Twitter users with exploits that install malware.

That’s not to say Twitter hasn’t been targeted in the past. The vast majority of the attacks, though, have been worms that repeat a phrase or link over and over by tricking users to click on links that automatically leave a post. As more posts are generated, more and more Twitter users are bombarded with the malicious links, giving the attacks the ability to spread virally.

Credit: The Register

Share this item with others:

More on CyberInsecure:
  • Twitter Micro-blogging Compromised Accounts Spread Koobface Worm
  • Spam From 750 Compromised Twitter Accounts Invited Users To Visit Porn Website
  • Office.Microsoft.Com Search Results Can Lead To Rogue Anti-Virus
  • Hackers Broke Into New York Times Banner System, Pushing Fake Anti-virus Malvertisements
  • Current List Of Zlob Distributiuon Sites And Rogue “Anti-virus” Products Domains

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Twitter Users Hit Once Again, This Time With Rogue Anti-virus Scam

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.