Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Spammers Exploit Twitter With New Spam

Spammers have discovered a fresh method for spreading malicious software on Twitter, the widely used micro-blogging website through typically short messages called tweets. The method involves implanting payloads on the URL links with the help of a "@"reply within tweets for drawing victims' attention.

Displaying themselves in abbreviated versions, the links take users to a website with disguised JavaScript. According to Rik Ferguson (a security analyst at Trend Micro), if a Web-browser executes this JavaScript, then the PC gets infected with a nasty payload, as reported by Tech Crunch on June 15, 2010.

Ferguson further states that Trend Micro researchers have observed that this spam come with malevolent PDF documents and similar executable files. These files in turn try to download more malicious software, he adds.

Meanwhile, the security researchers say that a careful examination of the URL links shows that the spammers' technique wherein a "@" reply is used really demonstrates certain transformation from the Gaza and FIFA World Cup Twitter spam executed previously during June 2010 itself. In those spam campaigns, the perpetrators employed social engineering for enticing users so they thought they were following an URL link to some news item.

Specifically, the Gaza spam scheme takes users to a website that downloads a backdoor program detected as BKDR_BIFROSE.PAB, while the FIFA World Cup spam installs the malware identified as BKDR_BIFROSE.SMK. These malicious programs carried out activities like exchanging files, capturing usernames and passwords, and keylogging data. They even have rootkit capabilities that help them conceal their processes and files on the infected computers.

While remarking about the problem, the security researchers stated that the last few months had been quite unsafe for Twitter users. The site was exploited for various kinds of spam campaigns. These included "weight loss or diet plans," "news about the Moscow Subway Blast" that led to FAKEAV, and modules such as Twitter bot constructor for launching DDoS assaults.

Finally, security specialists advise Internet users to exercise caution with web-links and deploy suitable security solutions so that they would stop the malicious links effectively.

Related article: Spammers Continue their Campaigns Successfully

» SPAMfighter News - 23-06-2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next