Cyber criminals target Twitter
The new darling of Silicon Valley, Twitter, has been targeted by cyber criminals. A fake Twitter profile with a malicious payload has been spotted by security firm Kaspersky. It links to a pornographic video but downloads a fake version of Adobe Flash which installs programs capable of stealing data. The attack is believed to be the first to target Twitter.
This profile has been created especially for infecting users, as there is no other data except the photo, which contains the link to the video. If an unsuspecting curious visitor clicks on the link, they get a window that shows the progress of an automatic download of a so-called new version of Adobe Flash which is supposedly required to watch the video. The victim ends up with a file labeled Adobe Flash (it’s a fake) on their machine.
In reality, this is a Trojan downloader that proceeds to download 10 banker Trojans onto the infected machine, all of which are disguised as MP3 files.
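For defenders, a file that carries an .mp3 name but starts with a Windows executable header is a strong sign of this kind of disguise. The following check is an added example, not code from Kaspersky or the original article; it assumes the disguised Trojans are ordinary Windows PE files, and its function names and sample files are constructed for illustration.

```python
import struct
import tempfile
from pathlib import Path

def looks_like_pe(data: bytes) -> bool:
    """True if a DOS 'MZ' header points at a 'PE\\0\\0' signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (pe_offset,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew field
    return data[pe_offset:pe_offset + 4] == b"PE\0\0"

def looks_like_mp3(data: bytes) -> bool:
    """True for an ID3v2 tag or an MPEG audio frame sync (11 set bits)."""
    if data[:3] == b"ID3":
        return True
    return len(data) >= 2 and data[0] == 0xFF and (data[1] & 0xE0) == 0xE0

def classify(path: Path) -> str:
    """Classify a file by its leading bytes, ignoring its name."""
    with path.open("rb") as fh:
        head = fh.read(4096)
    if looks_like_pe(head):
        return "executable"
    return "audio" if looks_like_mp3(head) else "unknown"

def scan(folder: Path) -> dict:
    """Map every *.mp3 file under folder to what its content really is."""
    return {p.name: classify(p) for p in sorted(folder.rglob("*"))
            if p.is_file() and p.suffix.lower() == ".mp3"}

def disguised(folder: Path) -> list:
    """Names of *.mp3 files whose content is a Windows executable."""
    return [name for name, kind in scan(folder).items() if kind == "executable"]

def write_constructed_samples(folder: Path) -> Path:
    """Write three constructed test files (no real malware involved)."""
    pe_stub = b"MZ" + bytes(58) + struct.pack("<I", 0x40) + b"PE\0\0" + bytes(32)
    (folder / "song.mp3").write_bytes(b"ID3\x03\x00" + bytes(64))
    (folder / "track01.mp3").write_bytes(pe_stub)   # executable header, .mp3 name
    (folder / "notes.mp3").write_bytes(b"plain text, neither audio nor PE")
    return folder

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        target = write_constructed_samples(Path(tmp))
        print(scan(target))
        print("disguised executables:", disguised(target))
```

Files reported as "unknown" are not necessarily malicious, but they are not valid MP3 audio either and deserve a second look.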
The attack is believed to have originated in Brazil because of the language it uses, the servers it calls on to download Trojans and the e-mail address used to collect stolen data. The fake profile has a name that means “pretty rabbit” in Portuguese. It tries to convince users to download the fake Flash video viewer in order to watch the associated video.
It comes as Kaspersky also releases details about two worms that target social networking sites MySpace and Facebook. More variants of these worms are also starting to turn up.
The worms transformed victims’ machines into zombie computers, used by criminals to send spam, launch phishing attacks and harvest data.
“Unfortunately users are very trusting of messages left by friends on social networking sites so the likelihood of a user clicking on a link like this is very high,” said Alexander Gostev, a senior virus analyst at Kaspersky Lab.
Only those using Microsoft Windows are vulnerable to infection from these malicious programs.


