04 Jun 2009
A new Twitter attack is infecting users with a rogue anti-virus download. The malware is spreading through the site in the form of posts from hijacked user accounts.
The posts contain the words 'best video' and a link to an external domain. On clicking the link, the user is taken to a fake video page which launches a background attack script.
The script attempts to install and launch a maliciously crafted PDF file which delivers the actual malware payload.
Rather than infect users with data-stealing malware or botnet controllers, the Trojan installs a fake program called 'System Security'.
As with other rogue anti-virus products, System Security presents false malware scans and alerts in an effort to dupe the user into paying for a non-functioning security tool.
Twitter claims to have suspended the offending accounts and resolved the issue, but users are still advised not to click on suspicious links.
Kaspersky Labs researcher Roel Schouwenberg suggested that the attacks may be related to a phishing run recently spotted on the site, and that the compromised accounts were the same as those being used to post the attack video.
"This attack is very significant. It would seem that at least one criminal group is now exploring the distribution of for-profit [malware] on Twitter," he wrote in a blog post. "If the trends we've seen on other social platforms are any indicator for Twitter, we can expect an increase in attacks."
Culture Of Twitter Users Makes Them A Perfect Target
Given the latest attack on Twitter, it seems that you can no longer assume that you are safe from spyware/malware/viruses by practicing safe internet habits. It used to be that if you were reasonably cautious with your internet habits, you could avoid becoming a victim of malicious software. Staying on large well known and reputable websites meant that you were protected from these criminals that prey on you with never ending schemes to steal your money and/or your identity. It used to be that if you didn't download stuff from questionable websites or open strange emails, that this kind of attack wouldn't happen to you. That may not be true any longer. The recent attack on Twitter users seems to demonstrate that anybody can become a victim at any time, if you let your guard down for just a second. With its enormous popularity Twitter has quickly become an internet sensation. Everyone is using it from superstars to Joe six pack. You think you would be safe from perhaps one of the most sophisticated malicious software programs ever written. However given the culture of instant communications with Twitter users and the quick short little answers that have become famous, it seems that maybe this is the perfect target for just this sort of attack. If you are used to feeling safe from spyware and viruses and you couple that with the way people use Twitter, it is surprising that it took this long for this to happen. Given the culture of instant gratification that Twitter offers, I don't think it is safe to assume that this will be an isolated incident. I don't even think that we have scratched the surface yet. I think that Twitter users will become a very juicy target for every cyber criminal able to write malicious software code. It is absolutely vital that you protect yourself the best you can against these online threats.
Considering that you can easily become a victim of spyware or viruses even on the most well known websites, you need to educate yourself and prepare yourself. There are 3 types of software that every computer should have installed if it accesses the internet. The first is an antispyware software, known as spyware blockers/spyware removers. There is a difference between a spyware remover and a spyware blocker, so consider getting a piece of software that offers both in one. The second and third softwares are antivirus and firewall software. Each one of these 3 software types offers a different type of protection, but all 3 are necessary for top-notch protection. The software that I use is called Zone Alarm Extreme Security. It includes every component that is required for safe online browsing as well as a few extras. You can find it here http://www.spywareblockersinc.com/internet_security_suites/ If you are not able to afford purchasing software protection, or just don't want to, you can get a free antispyware program called Spybot search and destroy. Although it is not as effective as the type of protection that you pay for, it is still better than nothing, by far. You can find it here http://www.safer-networking.org/en/home/index.html You can also pick up a limited version of free antivirus software called AVG Free edition here http://free.avg.com/download-avg-anti-virus-free-edition?cmpid=fr_bn_free_670 If you are not buying protection, make sure to pick up both of these free softwares and use them together.
Posted by: Jim 04 Jun 2009
Removal
I have found that the fake security Centre is not detected/removed by any of the tools offered in the previous post, but these two tools do remove it (as of date of posting). These are Malwarebytes (from www.malwarebytes.org) or ComboFix (from www.bleepingcomputer.com).
Posted by: Trevor 04 Jun 2009
It's more the user that's the vulnerability
However, as more than one person has said, all the antivirus in the world won't stop someone anxious for free porn. The antiviruses are more or less the same as the companies share signature code, it's just you get more features/faster scanning etc with some.
Posted by: JH 04 Jun 2009