New Scam Claiming From Twitter Distributing Malware

Security researchers at BKIS (a Vietnam-based antivirus provider) are cautioning that a new scam is doing the rounds, distributing malware apparently originating from Twitter (the well-known website for micro-blogging).

The e-mails display spoofed subject lines and seem as if they have been sent from 'invitations@twitter.com.' Further, they pose as automatic invitations being dispatched following a friend's request.

While describing the function of Twitter, the spam mail states that it is meant for family, friends and colleagues for maintaining continuous communication via interchanging fast, recurrent replies to one plain query about what the recipient is doing. Thereafter, it states that the message recipient can find out who invited him or can join the chain by viewing the given attachment, as reported by Softpedia on June 28, 2010.

The antivirus agency explains that in the current attack, the hacker's ultimate objective is to create an impression on the user that everything written in the e-mail is true, and to get him to open the attachment.

Moreover, the security company observes that if users aren't careful, they'll easily do what the hacker says. Consequently, their PCs will be contaminated with virus. BKIS detects this virus as W32.Ziktwitters.Worm, a downloader of numerous malicious programs, including FAKEAV. The worm also continuously disseminates phishing and advertising e-mails to other operators online.

BKIS states that the virus creator appears someone with humor as he selects an extremely funny code for decrypting data.

The spam outbreaks utilizing an e-mail template of Twitter, which was reported by BKIS during June 2010, continue to circulate on the Net. This indicates that the masterminds behind the attack are able to effectively dupe end-users.

Lastly, it isn't only BKIS but Trend Micro and Symantec, some other security companies too, who recently have been issuing alerts to Internet users that they can be infected with virus if they view file attachments in phishing e-mails targeting Twitter or Facebook, the widely-used social-networking websites.

But users continue to ignore such alerts. This explains the reason for the persistent efficacy of such infecting techniques of hackers and why new assaults like the latest one keep arising online.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 7/8/2010