Twitter Users, Victims of BHSEO-Corrupted Web-Links: Kaspersky
Security researchers at the security company Kaspersky caution that Twitter users are being targeted as malware distributors run scams based on BHSEO (Black-Hat Search Engine Optimization).
BHSEO scams use techniques that falsely raise malicious websites' ranking in the search results returned for keywords associated with breaking news events.
Confirming the latest warning, Denis Maslennikov, a security expert with the anti-virus firm Kaspersky, writes in a personal blog that additional investigation has disclosed a number of current topics, such as "Advent Calendar," "Morgan Freeman," "Toivonen," "Pastor Maldonado," "Hannukah" and "Grinch," being used in different messages crafted around shortened URLs. The shortening services used include bit.ly, tinyurl.com, tiny.cc, urlcut.com, alturl.com, yep.it and shortlinks.co.uk, all leading to malicious websites, he continues. Securelist.com reported this on December 1, 2010.
Maslennikov adds that all the malicious links take users to br********.com/about.html, which redirects them to bestivideos****.it.
From there users are redirected to myb****.com/flash/, which tells them to download the ActiveX version of Flash Player so that the content becomes visible. However, the codec offered for download is malicious; Kaspersky identifies it as Trojan-Dropper.Win32.Drooptroop.ipl.
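A defender can look for this pattern in web-proxy logs: a chain that starts at one of the shortening services named above, crosses several unrelated hosts and ends in an executable download. The following Python sketch is an added example, not code from Kaspersky or Securelist; the record layout, the `prev` field, the three-host threshold and all `.example` hosts are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Shortening services named in the article.
SHORTENERS = {"bit.ly", "tinyurl.com", "tiny.cc", "urlcut.com",
              "alturl.com", "yep.it", "shortlinks.co.uk"}
EXECUTABLE_TYPES = {"application/x-msdownload", "application/octet-stream"}
FIELDS = ("client", "url", "prev", "ctype")

# Constructed proxy records; every .example host and path is a placeholder.
# 'prev' (assumed field) is the URL that led to the request: the page that
# redirected to it or its Referer.
SAMPLE = [dict(zip(FIELDS, row)) for row in [
    ("10.0.0.5", "http://bit.ly/xAbC12", "http://twitter.com/search?q=Grinch", "text/html"),
    ("10.0.0.5", "http://landing.example/about.html", "http://bit.ly/xAbC12", "text/html"),
    ("10.0.0.5", "http://video.example/", "http://landing.example/about.html", "text/html"),
    ("10.0.0.5", "http://player.example/flash/", "http://video.example/", "text/html"),
    ("10.0.0.5", "http://player.example/flash/setup.exe", "http://player.example/flash/", "application/x-msdownload"),
    ("10.0.0.9", "http://tinyurl.com/q1w2e3", "", "text/html"),
    ("10.0.0.9", "http://vendor.example/tool.exe", "http://tinyurl.com/q1w2e3", "application/octet-stream"),
]]


def host(url):
    """Lower-cased hostname without a leading 'www.'."""
    name = (urlsplit(url).hostname or "").lower()
    return name[4:] if name.startswith("www.") else name


def suspicious_chains(records, min_domains=3):
    """Chains that start at a shortener, cross min_domains hosts, end in an executable."""
    by_key = {(r["client"], r["url"]): r for r in records}
    found = []
    for rec in records:
        if rec["ctype"] not in EXECUTABLE_TYPES:
            continue
        chain, cur = [rec["url"]], rec
        # Walk back through 'prev' until a shortener, a gap in the log or a loop.
        while cur and host(chain[-1]) not in SHORTENERS:
            prev = cur["prev"]
            if not prev or prev in chain:
                break
            chain.append(prev)
            cur = by_key.get((rec["client"], prev))
        chain.reverse()
        if host(chain[0]) in SHORTENERS and len({host(u) for u in chain}) >= min_domains:
            found.append({"client": rec["client"], "chain": chain})
    return found


if __name__ == "__main__":
    for hit in suspicious_chains(SAMPLE):
        print(hit["client"], " -> ".join(hit["chain"]))
```

The host threshold keeps a shortened link that points straight at a download from being flagged; lowering it to 2 reports that case as well.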
Commenting on the attack, security researchers stated that there are more current topics on Twitter than on Google. Consequently, they speculated, cyber-criminals were likely to target Twitter trending topics more in the future.
Indeed, that conjecture already appears to be proving right, as researchers at Kaspersky caution of an ongoing scam that uses the above technique.
Worryingly, according to Kaspersky, the total number of shortened e-mails associated with each malicious website is, as of now, nearly 3,000, all of which appeared within 40 minutes.
The security researchers state that con artists find BHSEO a flourishing business, and so does the security industry. Also, because the technique increasingly concentrates on corrupting social-networking websites, it is an enormous problem to set right, the researchers emphasize.
Kaspersky suggests that Web surfers exercise great caution when searching for trending topics on Twitter, and that they routinely keep their software up to date so that vulnerabilities that may be enabling the latest scam are kept patched.
» SPAMfighter News - 15-12-2010