Browser Crasher Campaign Targets Twitter Users

Trend Micro researchers recently observed an increase in the volume of attacks targeting Twitter users in Japan that cause the victim’s browser to crash.

“To do this, the user has to be lured to visit a particular site with the JavaScript code,” explains TrendLabs threat analyst Okamoto Katuyuki. “So long as the browser tries to open that site, the user will be unable to browse websites normally.”

Victims are lured to malicious sites via links in Twitter messages. When they click on the link, they’re presented with a popup that tells them they won’t be able to exit the page — clicking on the ‘OK’ button simply prompts a new popup to appear.

“What the JavaScript does is actually quite simple,” Katuyuki writes. “The JavaScript within the site contains the code to create a pop-up, as seen above. However, this code is placed inside an infinite loop — as soon as the user closes one alert, the code triggers again and opens another pop-up in a never-ending cycle that continues as long as the site is open.”

This isn’t actually dangerous, since nothing is downloaded to the victim’s PC or mobile device, but it can be incredibly annoying. On a PC, you can get out of the infinite loop by simply closing the window or tab that contains the popup. On a mobile phone, Katuyuki suggests turning on airplane mode, restarting the phone, opening the browser, then closing the tab in question.

Katuyuki notes that a similar method was used in 2011 to render a Japanese chat site unusable; the attacker in that case was identified by Japanese police and arrested.

Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.
