TweetDeck Warns of Fake Update on Twitter Distributing Malware
Cyber criminals used Twitter on August 30, 2010 to distribute malware through links directing towards what they claimed was an update to the famous micro-blogging client TweetDeck.
The tweets initiated with phrases, like "Download TweetDeck update ASAP!" or "Hurry up for tweetdeck update!" and comprised a URL starting with http://alturl.com/. Some of the malicious tweets mentioned the U.K.'s national Bank Holiday, which was on Monday, August 30, 2010. The tweets say, "Update TweetDeck! Bank Holiday" Or "Critical tweetdeck update Bank Holiday".
Graham Cluely, Senior Security Researcher at Sophos, said that TweedDeck was a British company and referring to the Bank Holiday could possibly help one to detect that the criminals behind this attack were also based in the U.K., as reported by SCMagazine on August 31, 2010.
According to Cluely, a number of tweets were posted using compromised Twitter accounts. The links did not direct to a legal TweetDeck update rather it brought victims to a Trojan. By following the link, users placed themselves at the danger of getting infected by a Trojan horse called Troj/Agent-OOA.
As per the security experts, it is likely that the cybercriminals who are circulating the attack are gaining benefit of Twitter ceasing support for basic verification in their Application programming interface (API).
In regard to this specific attack, Twitter states that it is resetting the passwords of those accounts, which it has noticed circulating unsafe web links.
Furthermore, TweetDeck - which has not released any sort of update - has issued a warning about the bogus update and advised users not to download it. The company further mentioned that all the TweetDeck updates should be downloaded from the company's official website. TweetDeck updates by default are presented automatically tracking the publication of a safety or stability update to the software, at least on Macs.
It is worth noted that this isn't the first time when TweetDeck followers have found themselves caught in such a crisis. Earlier this month (August 2010), they cautioned that a bogus TweetDeck application had been uploaded to the Android Market.
Related article: TDSS Rootkit Technologies Back
» SPAMfighter News - 03-09-2010