Symantec has warned that smartphone malware is increasingly being spread via Twitter, as crooks seek to maximise the exposure their dodgy software receives.
According to Symantec one mobile malware operation sent out over 1,500 tweets from 50 bogus accounts in just one hour.
The so-called Android.Opfake trojan, which covertly sends text messages to premium rate numbers when installed, has been particularly prominent on Twitter, said Joji Hamada, a security researcher at Symantec.
“These tweets typically contain short URLs and the message is mainly in Russian with some English terms included. Once the user visits the site, they are prompted to install the malicious application,” he wrote on the firm's Security Response blog.
Hamada said that Twitter was attractive to malware writers, as it provided a convenient way to advertise websites hosting their code, especially as many Twitter users access the service via their smartphone.
While Twitter users will inevitably be aware of bogus accounts, where tweeters with no followers pump out a stream of dodgy links, criminals are getting more sophisticated at disguising such accounts, warned Hamada.
Some of the accounts are starting to have credible user names and include profile information, designed to give the account the veneer of authenticity.
Popular hashtags include those related to software, mobile devices, pornography and even dieting topics, are also being included in messages, said Hamada.
It's not just mobile malware that smartphone users need be wary of, though, as last week a test of Android anti-virus tools showed that two-thirds were not good a detecting potential threats, while a handful of the products available did nothing at all to protect users.
Just take my money. Now, where do I sign?
Connected cars need built-in IT security - especially self-driving cars, claims Blackberry
Chinese authorities considering even harsher crackdown on cryptocurrencies
Tavis Ormandy claims that Transmission developers ignored Google Project Zero security warnings