New Twitter Worm Attacks

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Symantec's Sammy Chu reported in a forum post that the company has found a new version of a Twitter worm.

The worm spreads through fake twitter invites that contain a malicious attachment called "Invitation Card.zip" which contains the malware installer.

Once a victim clicks on the file, it installs on a user's PC and "spreads by copying itself to removable drives and shared folders," Chu wrote.

"As Twitter continues to gain popularity among social networking users, people are regularly receiving invitations and email updates from fellow users. We expect that spammers will continue to use Twitter and other popular social networks as bait in their attacks," Chu said.

The news comes as the importance of Twitter is growing, with one of its investors recently claiming the service will be bigger than Google. But as its popularity grows, Twitter's ecosystem is getting polluted as criminals are drawn to the traffic that they can cash in on, even if Twitter cannot.

Can Web 2.0 clean up its act?

Security experts have been warning for some time that social networks are a magnet for malware. The combination of flexibility, which allows users to upload software, and trust, as users build networks of friends, make hackers eager to exploit the medium, which they are doing with new custom-designed tools.

The results so far are not promising for the safety of fans of the new media. Twitter has faced a variety of assaults, including a cross-site scripting worm in April and a simple bad link attack in February that relied on social engineering.

Attackers have also preyed on ancillary services, most recently infecting the Cligs URL shortening service.

Experts have warned that when attackers steal accounts on Facebook, they could obtain access to other sites if users re-use their credentials.

Still, Web 2.0 is not going away. Birmingham City University in the UK is offering a masters degree in social media, and recent Twitter adopters include the Army and a number of restaurants, neither of which are famous as early adopters of new Web technology.

Article courtesy of InternetNews.com.