Twitter worm leads users to fake and malicious site


A nasty worm on Twitter preys on users who click on a shortened link that takes them to a fake anti-virus site for "Security Shield" software. Once there, the aim is to get users to download what is billed as anti-virus protection, but is really malicious code.
If this seems like deja vu, it is: the same worm appeared early last month on Twitter, the short-messaging blog where posts are limited to 140 characters, and website URLs are often shortened to help reduce character count. The worm is using Google's URL shortener, "goo.gl" to entrap users.
"If you make the mistake of clicking on one of the malicious goo.gl links you are ultimately taken to a website which attempts to scare you into believing that you have a virus problem on your computer," writes Sophos' Graham Clueley on the security software company's blog.  "You are then frightened into installing malicious code on your PC, and asked to pay money to disinfect your systems."
Clueley wrote that it "isn't yet clear is how the Twitter users found their accounts compromised in this way. The natural suspicion would be that their usernames and passwords have been stolen.
"It certainly would be a sensible precaution for users who have found their Twitter accounts unexpectedly posting goo.gl links to change their passwords immediately," the same advice Twitter itself is offering.

Read More


Post a Comment


My Blog List

Privacy Policy

Beginning in April, 2009 Google will begin tracking user activity via a cookie. This cookie will then determine what ads might be most appropriate for you, based on your interests. People who frequently visit ESPN.com and CNNSI.com, for example, will see sports-related ads.

The logic is that you will be more interested in these ads than you might be in ads that are simply related to the content of the blog.

For more information, or to opt out, go to Google Privacy Center. There is a blue "opt out" button in the upper right corner.

If you opt out, you will continue to see ads, but they will be related to the content of the blog - something that does not require a cookie.

Privacy Clause

We use third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, Check this link! Google Privacy Center.