Cyber criminals are using hijacked Twitter accounts to spread malware via tweets containing malicious links, according to security firm Trusteer.
Trusteer discovered a version of the TorRAT malware, traditionally used to target financial institutions, being spread via Twitter on Monday.
"Trusteer has recently identified an active configuration of TorRAT targeting Twitter users. The malware launches a Man-in-the-Browser (MitB) attack through the browser of infected PCs, gaining access to the victim's Twitter account to create malicious tweets," the firm said.
The malicious tweets come from legitimate accounts, making victims far more willing to click on the links, which then infect their machines with malware.
"This attack is particularly difficult to defend against because it uses a new sophisticated approach to spear-phishing. Twitter users follow accounts that they trust," Trusteer said.
"The fact that the tweets include shortened URLs is not concerning: Twitter limits the number of characters in a message, so followers expect to get interesting news bits in the form of a short text message followed by a shortened URL. However, a shortened URL can be used to disguise the underlying URL address, so that followers have no way of knowing if the link is suspicious."
Trusteer said that businesses with robust cyber defences will remain safe, though those without will likely find it difficult to contain the incident after infection.
"This type of attack increases the need for enterprise exploit prevention technology: By blocking the exploitation of vulnerable endpoint user applications, like browsers, and preventing the malware download, exploit prevention technology stops the attack and prevents the malware from spreading and infecting more users," added the firm.
Twitter is one of many new mediums being used by criminals to spread malware. Before this, attacks were detected using other social networking services such as Facebook and Skype. Most recently, Kaspersky Labs reported that over 170,000 Skype users had fallen victim to a new cyber scam targeting them with malicious web links sent via the firm's instant messaging service.