Twitter Targeted by Malware Attacks

August 5th, 2008 at 12:00 am

twitter malware hackers virus

How did viruses and malwares spread?  Way before the internet it was physically transferred from machine to machine via floppy disks.  Then when the internet came, e-mail became the first choice especially with under the cover of spam.  Other hackers would also put their software on dedicated web sites as a starting point to wreak havoc.  Today, the Web 2.0 environment has provided criminals a new and more effective medium to spread their viruses, spywares and malwares.  We all use it and we all fuel it, it’s called social media.

And the epitome of the social media is the microblogging service.  It’s simple, easy to use, and accounts are disposable therefore sort of untraceable. Right now, the biggest name in microblogging is Twitter.  Therefore, it’s not surprising that hackers are using Twitter as a platform for their operations.

Recently, Kaspersky labs have uncovered a Twitter account that’s being used to spread malware over the web.  The account name is in Portuguese  which in English means "pretty rabbit."  This profile has obviously been created especially for infecting users, as there is no other data except the photo, which contains the link to the video.

The profile contains a URL which seems to lead to a pornographic video (sex always sells).  Instead, when clicked, it automatically downloads a fake "Flash Player" (required to view the said video).  This download ends up placing a file labeled Adobe Flash on the computer.   In reality, this is a Trojan downloader that proceeds to download 10 banker Trojans onto the infected machine, all of which are disguised as MP3 files.

"This technique does not require any serious programming skills – buy some Trojans, upload them onto a web server and create a chain of Twitter profiles following each other.

Then you only need to post the link in a social network. Unfortunately, Google indexes un-protected Twitter profiles, so malicious pages built and marketed with good social engineering tactics end up high in the rankings." According to Viruslist Blog.

Twitter has not yet had any comments about this issue and with their platform being used to spread spam and trojans, I’m sure they’ll come up with a security measure soon.