Twitter phishing results in scareware spam
Tuesday, June 2, 2009
Web security researchers from Kapersky have identified spam on Twitter that appears to be the second stage of an earlier phishing attack on the social networking site.
The phished accounts were used last Saturday to send out messages or tweets that directed Twitter users to go to a YouTube spoof site to see a "best video." Users who visited the site could have had their PCs infected through vulnerable versions of Adobe Reader.
Those users would then be warned that their computer had been infected with a phony virus in order to get them to purchase a fake anti virus program called "System Security."
It's a common attack used by cybercriminals to make money by selling fake anti virus products called scareware or rogueware.
However, researchers said the attack could signal an onslaught of spam attacks on Twitter similar to those experienced on Facebook and MySpace.
Twitter's security team wasn't letting on that anything serious could be amiss. In a Twitter status update on the site on Saturday, the company told users not to visit any juste.ru domains. The company closed down previously hacked accounts for clean-up.
Later on Saturday, Twitter said "everyone should be squeaky clean! No personal information was compromised as a result of this attack."
Related News:
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
Report: 'At least 34' firms attacked at the same time as Google - 1.15.2010
The Washington Post asserts that many U.S. companies were targeted in the same network security and email breach that affected Google and provoked the company's highly publicized spat with the Chinese government.
|
