Twitter Bird Catches Anti-Virus Scam Worm

Thousands of Twitter users are believed to have been hit with malicious links tied to a rogue anti-virus scam that was circulating the micro-blog service. The company took action and eliminated the problem within hours.

The scam spread through malicious links by abusing the goo.gl URL shortening service. According to Kaspersky Lab, the malicious links redirect users to different domains with a ‘m28sx.html’ page. That HTML page redirects users to a static domain with a Ukrainian top-level domain. From there, blogged Kaspersky Lab senior malware researcher Nicolas Brulez,  the user is redirected to an IP address pushing fake anti-virus.

Twitter Responding Rapidly To Threat

“Once you are on this Website,” Brulez blogged, “you will get [a] warning that your machine is running suspicious applications and you are encouraged to scan it… The user is invited to remove all the threats from their computer and will download a fake Anti Virus application called Security Shield.”

Del Harvey, director of Trust and Safety for Twitter, tweeted during the day that the company was working to remove the malicious links and reset passwords on compromised accounts.

“What isn’t yet clear is how the Twitter users found their accounts compromised in this way,” blogged Graham Cluley, senior technology consultant at Sophos. “The natural suspicion would be that their usernames and passwords have been stolen. It certainly would be a sensible precaution for users who have found their Twitter accounts unexpectedly posting goo.gl links to change their passwords immediately.”

These kinds of attacks are hardly new to Twitter. In December, users were targeted with shortened links that redirected them to the compromised site of a French furniture company before passing them on to other domains. In that case, the malicious URLs pointed to a copy of the Neosploit attack toolkit.

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Share
Published by
Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

18 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

19 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

20 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

22 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

1 day ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

1 day ago