Security software vendor Kaspersky today is warning Twitter users to be on the lookout for a new worm that's distributing malicious links that eventually redirect victims to a fake anti-virus software website.
Shortened URLs, commonly embedded in the body of 140-character tweets, have become a favorite target of hackers who know that many people using the microblogging service are far more likely to click on a link in a tweet before thoroughly vetting it.
Malicious links to scareware sites have become more and more common as hackers aggressively mine social networking platforms for personal information they can then use to create more authentic-looking malware lures.
Once the worm has redirected Twitter users to the scareware site, the scam really takes flight. It informs the intended victim that his or her "machine is running suspicious applications" and prompts users to run a scan. The subsequent scan identifies alleged threats and advises users to click to remove the threats.
Of course, this move results in the download of the fake "Security Shield" application.
In September, a similar malware campaign derived from the "onMouseOver" Twitter worm infiltrated thousands of Twitter accounts, redirecting followers to malware-laden pornographic sites and spreading more malicious content throughout the Twitter community.
Kaspersky and other leading security software vendors continue to warn Twitter and Facebook users to exercise some judgment and caution while surfing around their favorite social networking sites.
"Bear in mind that clicking on random links may lead to severe infection of your machine," Brulez said.