Twitter attacked by malware spam

Twitter attacked by malware spam

Tags:    Blackhole   malware   Sophos   Twitter

By Cameron Scott, IDG News Service (San Francisco Bureau) | Aug 1, 2012

A widespread spam attack linking to malware has broken out on Twitter, according to the security firm Sophos.

The malicious tweets often read "It's you on photo?" or "It's about you?" The tweets and URLs often include a user's Twitter handle. Many of the links Sophos discovered have a .RU domain name.

"The attack itself is very simple, relying on people's natural curiosity about anything they think mentions them. Including the target's Twitter username in the link is an added hook to reel people in," Richard Wang, head of Sophos' U.S. labs, said in a statement.

"We're aware of the issue and we're working to resolve it," a Twitter spokesman said via email.

The links in the spammed tweets lead to a Trojan that ultimately redirects users to Russian websites containing the Blackhole exploit kit, Sophos said.

The Blackhole exploit kit first emerged in 2010, and its use is widespread. The version of the kit being promoted on Twitter targets vulnerabilities in Adobe Reader and Shockwave Flash, according to Sophos.

Users can protect themselves by updating their anti-malware software, patching their operating system and making sure their browser and browser plugins are up-to-date, Wang said.

Similar

Related Articles

Add comment

Post a Comment

The content of this field is kept private and will not be shown publicly.
Verification Code
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
 

Similar

Related Articles

knowledge_central_tab

 
 
Knowledge Central
Accelerating the Deployment of the Evolved Cyber Range
Ixia BreakingPoint creates an Internet-scale cyber range environment from a single 7-inch-high device for arming and training cyber warriors. Learn how BreakingPoint can be used by organizations to defend national interests by assessing, educating, and certifying elite cyber warriors and equipping those forces to harden the resiliency of critical network and data center infrastructures.
A Six-Step Plan for Competitive Device Evaluations
This paper presents a six-step methodology for conducting competitive product evaluations that provide advance insight into the performance, security, and stability of devices within production network and data center environments. Following this will give insights on how to evaluate and select the network or security devices for Enterprise, Federal, and Carrier Infrastructures
 
 
 
A Case Study of Eurograbber: How 36 Million Euros was Stolen via Malware
This is a case study about a sophisticated, multi-dimensional and targeted attack that stole an estimated 36+ million Euros from more than 30,000 bank customers from multiple banks across Europe.
Symantec, Singapore school partner to nurture next-generation security talents
Symantec Corp. and the Singapore Management University will jointly train and equip IT security professionals with the latest knowledge and skill sets in information security.