According to the security firm Sophos, who seems to be on top of every single major spam attack that happens on the internet these days, a widespread spam attack that links to malware has weaseled its way onto Twitter. The tweets that are trying to lure unsuspecting users in include things like: "It's you on photo?" or "It's about you?" In addition to that, the tweets and URLs typically include a user's Twitter handle. Many of the links that Sophos has discovered include a .RU domain name.
According to Head of Sophos' U.S. Labs Richard Wang, "The attack itself is very simple, relying on people's natural curiosity about anything they think mentions them. Including the target's Twitter username in the link is an added hook to reel people in." Twitter added through a spokesman's email saying, "We're aware of the issue and we're working to resolve it."
The links in the tweets themselves lead to a Trojan that ultimately redirects users to Russian websites that contain the Blackhole exploit kit, according to Sophos. The Blackhole exploit kit first emerged back in 2010 and is widely used in spam attacks. The version of the kit that is floating around Twitter targets vulnerabilities in Adobe Reader and Shockwave Flash, Sophos discovered.
If you feel that you have been affected by the spamming attacks, or you just want to take precautions against it in general, then you can protect yourself by updating your anti-malware software, patching your operating system and making sure your browser and browser plugins are up-to-date. In addition to that, you could just be smart and not click on anything on Twitter that you don't recognize.
Source: Computer World - Twitter suffers malware spam outbreak
According to Head of Sophos' U.S. Labs Richard Wang, "The attack itself is very simple, relying on people's natural curiosity about anything they think mentions them. Including the target's Twitter username in the link is an added hook to reel people in." Twitter added through a spokesman's email saying, "We're aware of the issue and we're working to resolve it."
The links in the tweets themselves lead to a Trojan that ultimately redirects users to Russian websites that contain the Blackhole exploit kit, according to Sophos. The Blackhole exploit kit first emerged back in 2010 and is widely used in spam attacks. The version of the kit that is floating around Twitter targets vulnerabilities in Adobe Reader and Shockwave Flash, Sophos discovered.
If you feel that you have been affected by the spamming attacks, or you just want to take precautions against it in general, then you can protect yourself by updating your anti-malware software, patching your operating system and making sure your browser and browser plugins are up-to-date. In addition to that, you could just be smart and not click on anything on Twitter that you don't recognize.
Source: Computer World - Twitter suffers malware spam outbreak