The internet security firm Kaspersky yesterday reported that Twitter has been used to dupe followers into installing a malicious Trojan horse on a visitor's computer. The profile was in Portuguese and, according to Kaspersky, has all the footprints of Brazilian hackers, ranging from the Portuguese language, to the web servers hosting the banking malware, to the email embedded in the malware, which is used for receiving data from infected machines.
The Twitter account had a link to a video. Kaspersky noted that:
If you click on the link, you get a window that shows the progress of an automatic download of a so-called new version of Adobe Flash which is supposedly required to watch the video. You end up with a file labeled Adobe Flash (it’s a fake) on your machine; a technique that is currently very popular.
In reality, this is a Trojan downloader that proceeds to download 10 banker Trojans onto the infected machine, all of which are disguised as MP3 files. We first detected the downloader proactively as Heur.Downloader and then added a signature to detect it also as Trojan-Downloader.Win32.Banload.sco.
I can understand how these criminals could be successful with this technique. Most net-savvy people are conscious about the threat of viruses when they are browsing the web; however, they are less likely to doubt the links of Twitter friends, not to mention the fact that Twitter masks URLs, so it’s difficult to know what you are clicking on sometimes. We rarely know our social media buddies, yet at the same time we trust them for links, sometimes too much.
Twitter could help a little by not masking URLs. It wouldn’t solve the problem, but at the very least you would have an idea of what you were clicking on.
One thing that scares me is apparently how easy it was for the hackers to do this.
This technique does not require any serious programming skills – buy some Trojans, upload them onto a web server and create a chain of Twitter profiles following each other.
Then you only need to post the link in a social network. Unfortunately, Google indexes un-protected Twitter profiles, so malicious pages built and marketed with good social engineering tactics end up high in the rankings.
I’m not suggesting we don’t follow links on Twitter, though I do think Twitter users should watch out for this kind of thing, and if you see anything dodgy like this, tweet or blog about it so that word gets around that the Twitter user isn’t to be trusted.
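The downloaded Trojans in this campaign were disguised as MP3 files. As an added example (not from Kaspersky or the original post), the Python check below flags files whose name claims to be an MP3 but whose bytes are a Windows PE executable. It assumes the disguise is a misleading file name, which the report quoted here does not specify, and all file names and contents are constructed.

```python
import struct

EXEC_EXTS = {"exe", "dll", "scr", "com"}

def looks_like_pe(data: bytes) -> bool:
    # DOS header: "MZ" at offset 0, 32-bit offset of the PE header at 0x3C.
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def looks_like_mp3(data: bytes) -> bool:
    # Heuristic: an ID3v2 tag, or an MPEG audio frame sync (11 set bits).
    if data[:3] == b"ID3":
        return True
    return len(data) >= 2 and data[0] == 0xFF and (data[1] & 0xE0) == 0xE0

def classify(name: str, data: bytes) -> str:
    # Compare what the name claims with what the leading bytes say.
    ext = name.lower().rsplit(".", 1)[-1] if "." in name else ""
    if looks_like_pe(data):
        return "executable" if ext in EXEC_EXTS else "disguised-executable"
    if ext == "mp3" and not looks_like_mp3(data):
        return "not-mp3"
    return "ok"

def make_pe_stub() -> bytes:
    # Constructed sample: only the header fields the check reads, not a program.
    buf = bytearray(0x44)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x40)
    buf[0x40:0x44] = b"PE\x00\x00"
    return bytes(buf)

SAMPLES = {  # constructed file names and contents
    "song01.mp3": make_pe_stub(),
    "real_track.mp3": b"ID3\x03\x00\x00\x00\x00\x00\x0a" + bytes(10),
    "raw_frames.mp3": b"\xff\xfb\x90\x00" + bytes(16),
    "notes.mp3": b"plain text, not audio",
    "setup.exe": make_pe_stub(),
}

def scan(samples: dict) -> dict:
    return {name: classify(name, data) for name, data in samples.items()}

if __name__ == "__main__":
    for name, verdict in scan(SAMPLES).items():
        print(f"{name:16} {verdict}")
```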
Wow, that’s some pretty devious & downright criminal stuff there. A lot of countries are starting to crack down on hackers in their new internet policies. It’s just sad to see so many people get robbed via online credit & personal info that was harvested via malware / Trojans / etc…
Sometimes it’s a sad, sad world we live in. Other times, we close our eyes to it when it doesn’t directly affect us & the world somehow seems like a better place.
If someone adds me on Twitter, and they look anything like a spammer etc., then it’s instant block. I only follow people/let people follow me who I have a common interest etc. in.
Unfortunately it’s the same with everything, where there is a will there is a way. It’s a shame that some people who go online for the 1st time experience something bad like this and decide “internet isn’t for me”. Comes down to awareness.