Sophos Warns of Twitter DMs Pushing Malware
The messages link to a Web page that attempts to install a backdoor Trojan.
According to Sophos' Graham Cluley, Twitter users are being targeted by spammed direct messages that contain malicious links.
"Although the messages vary, the common thread between all of them is that they contain a 'facebook.com/________' link and mention that a video of you has been posted on Facebook," writes WebProNews' Josh Wolford. "'Your in this facebook.com/________ video, LOL' reads one spam message, while another says 'you even see him taping u, that’s awful.'"
"Users who click on the link are greeted with what appears to be a video player and a warning message that 'An update to Youtube player is needed,'" Cluley writes. "The webpage continues to claim that it will install an update to Flash Player 10.1 onto your computer. In this example, the program you are being invited to download is called FlashPlayerV10.1.57.108.exe, and is detected by Sophos anti-virus products as Troj/Mdrop-EML, a backdoor Trojan that can also copy itself to accessible drives and network shares."
"Naked Security said it is not yet clear how users' Twitter accounts are being compromised to send the DMs, as Twitter DMs can only be sent between users of that social network who follow each other, which makes these spam messages more dangerous, as they appear to come from trusted users," notes AllFacebook's David Cohen.
"Though the source of the hack has not been discovered, Cluley said that the attack underlines the importance of not clicking links willy nilly just because it was allegedly sent by a trusted friend," writes PCMag.com's Stephanie Mlot. "Those whose Twitter accounts have been compromised should change their passwords and revoke permissions of any suspicious apps with access to your account."