F-Secure - Hackers Use Phony Twitter Accounts to Upload Scareware
Researchers at the Finnish security firm 'F-Secure' have cautioned about a new rise in bogus Twitter accounts being created by hackers to deceive users into purchasing forged antivirus solutions also called scareware.
Chief Research Officer of F-Secure, Mikko Hyppönen, said that the new profiles were auto generated, with several user names and locations. These profiles even had various Twitter wallpapers mechanically uploaded to make them appear genuine, as reported by SC MAGAZINE on September 22, 2009.
Hyppönen also stated that the user names were usually German and locations used by these accounts were the US cities, as reported by by f-secure on September 20, 2009.
The forged accounts send tweets that either replicate actual human tweets or are based on trending topics having harmful links. These links ultimately redirect a user to bogus sites that try to threaten him into buying a scareware product. This scareware deceitfully states that the user's system has been hit by malware and encourages him to spend money to remove the non-existing threats.
The security experts declared that the alleged scareware was becoming increasingly famous among attackers as they tried to take benefit from heightened user awareness of various threats. Using Twitter as a channel for links to these websites is an accepted move for the perpetrators given the micro-blogging site's six million-plus user base.
While Twitter has started examining its users' feeds for harmful links, the checks are not at all completed, and the firm has usually been blamed of doing too little to maintain the safety and veracity of the service.
Apparently, the company is presently scrutinizing an account confirmation tool that can end the large number of forged celebrity accounts on the micro-blogging service. The trial can be given additional impetus after it has been known that American baseball coach 'Tony La Russa' sued Twitter for comments made on bogus account about the death of his two players.
Security experts believe that Twitter has to be extra cautious against rising activities of cyber criminals who are frequently inventing new ways to attack sites and extract profits.
Related article: F-Secure Alerts against Bogus Windows Update Sites
» SPAMfighter News - 13-10-2009