Malware Scam Targets Twitter Members
According to investigators from Kaspersky Labs a security company, innumerable people on Twitter, believably, have come under a malware attack wherein malicious web-links are being distributed across the micro-blogging site.
The malware campaign, states Kaspersky, seems to proliferate via malevolent web-links that exploit the URL-condensing facility, goo.gl. These web-links divert users onto various domains that host a web-page namely 'm28x.html.'
That web-page then diverts users onto one static domain, which has an association with one widely-accessed domain, hosted in Ukraine. The domain diverts the Web-surfers onto an Internet Protocol address thrusting a rogue anti-virus, blogs Nicolas Brulez, Senior malware Researcher with Kaspersky Labs. Eweek.com published this on January 20, 2011.
Further, when the Web-surfers encounter the malevolent website, an alert pops up telling them that their PCs are running dubious software therefore they should execute a scan. Like always, the systems, consequently, become contaminated with malevolent elements, while the scam attempts at so deceiving the surfers that they acquiesce to take down a bogus disinfection program namely "Security Shield," the researcher adds. Zdnet.com reported this on January 20, 2011.
Meanwhile, it isn't only Kaspersky that has spotted the new Twitter scam. Sophos, another security company, also spotted the scam as well as identified the involved malicious program as Troj/FakeAV-CMG.
Remarking about the above malware campaign, Senior Technology Consultant Graham Cluley at Sophos writes in his blog post that it is still not precisely known as to how the affected people on Twitter have discovered their accounts hijacked through the manner described. Obviously, the resultant suspicion is likely to be that their user-IDs and passwords have become exposed. Hence, as a precautionary measure, people who've discovered their accounts on Twitter strangely distributing goo.gl shortened web-links, should instantly reset their passwords, Cluley suggests. Nakedsecurity.sophos.com published this on January 20, 2011.
Eventually, it isn't the first time that Twitter has been attacked in this manner. During December 2010, users encountered condensed web-links, which diverted them onto a hijacked website belonging to some furniture company in France prior to taking them onto more sites. At that time, the malevolent URLs reportedly, led onto the Neosploit exploit kit.
Related article: Malware Authors Turn More Insidious
» SPAMfighter News - 29-01-2011