Spammers Exploit Twitter With New Spam
Spammers have discovered a fresh method for spreading malicious software on Twitter, the widely used micro-blogging website through typically short messages called tweets. The method involves implanting payloads on the URL links with the help of a "@"reply within tweets for drawing victims' attention.
Ferguson further states that Trend Micro researchers have observed that this spam come with malevolent PDF documents and similar executable files. These files in turn try to download more malicious software, he adds.
Meanwhile, the security researchers say that a careful examination of the URL links shows that the spammers' technique wherein a "@" reply is used really demonstrates certain transformation from the Gaza and FIFA World Cup Twitter spam executed previously during June 2010 itself. In those spam campaigns, the perpetrators employed social engineering for enticing users so they thought they were following an URL link to some news item.
Specifically, the Gaza spam scheme takes users to a website that downloads a backdoor program detected as BKDR_BIFROSE.PAB, while the FIFA World Cup spam installs the malware identified as BKDR_BIFROSE.SMK. These malicious programs carried out activities like exchanging files, capturing usernames and passwords, and keylogging data. They even have rootkit capabilities that help them conceal their processes and files on the infected computers.
While remarking about the problem, the security researchers stated that the last few months had been quite unsafe for Twitter users. The site was exploited for various kinds of spam campaigns. These included "weight loss or diet plans," "news about the Moscow Subway Blast" that led to FAKEAV, and modules such as Twitter bot constructor for launching DDoS assaults.
Finally, security specialists advise Internet users to exercise caution with web-links and deploy suitable security solutions so that they would stop the malicious links effectively.
Related article: Spammers Continue their Campaigns Successfully
» SPAMfighter News - 23-06-2010