Hackers this week have been extremely busy devising new Twitter-based campaigns that use popular but bogus holiday topics to distribute malware through the microblogging site.
A quick click on the shortened URLs embedded in several thousand tweets with holiday-themed titles, such as “Nobody Cares About Hanukkah” or “Shocking Video of the Grinch,” can infect a user’s PC or mobile device with malware that is then shared among other followers in short order.
“Clicking on the link [leads victims] to a fake codec site, which would then attempt to exploit your system with a PDF vulnerability on top of prompting you to download a malicious ‘codec,’ which in reality is a generic Trojan downloader,” Sean-Paul Correll, a threat researcher at security software vendor Panda Security, wrote in a security advisory posting.
Twitter has been hit by a number of similar socially engineered scams in the past year. Just like a garden-variety Black Hat SEO campaign, hackers flood the Twitterverse with tweets on popular or timely topics and then sit back and wait for unsuspecting victims to retweet themselves into a malware-induced malaise.
On Thursday alone, PandaLabs researchers said they identified more than 300 Twitter accounts that were specifically targeting various trending topics on the site.
“These attacks are not as frequent as the Black Hat SEO attacks we observe on a daily basis, but they do pop up from time to time,” Correll added. “We have always suggested [users] avoid any links in the trending topic area of Twitter for this very reason.”
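The flooding pattern described above (many throwaway accounts pushing one shortened link across several trending topics) is easy to spot once tweets are grouped by link. The following is an added illustration, not code from PandaLabs or the article; the tweets, account names, shortener list and trending hashtags are all constructed for the example.

```python
import re
from collections import defaultdict

# Constructed sample tweets, not real data: (account, text)
TWEETS = [
    ("holiday_deals1", "Nobody Cares About Hanukkah http://bit.ly/aaa111 #Hanukkah"),
    ("xmasfan_22", "Shocking Video of the Grinch http://bit.ly/aaa111 #Grinch"),
    ("grinch_lover", "Shocking Video of the Grinch!! http://bit.ly/aaa111 #Christmas"),
    ("elf_news", "Nobody Cares About Hanukkah http://bit.ly/aaa111 #Hanukkah"),
    ("alice", "Lighting candles tonight with the family #Hanukkah"),
    ("bob", "Our Hanukkah recipe roundup https://example.com/recipes #Hanukkah"),
    ("carol", "Catching up on the news http://bit.ly/zzz999"),
]

# Assumed shortener domains and assumed set of currently trending hashtags.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "is.gd"}
TRENDING = {"#hanukkah", "#grinch", "#christmas"}

URL_RE = re.compile(r"https?://([^/\s]+)(/\S*)?")
HASHTAG_RE = re.compile(r"#\w+")


def extract_short_links(text):
    """Return the shortened URLs in a tweet (links on a known shortener host)."""
    return {m.group(0) for m in URL_RE.finditer(text)
            if m.group(1).lower() in SHORTENERS}


def flag_campaign_links(tweets, trending, min_accounts=3, min_topics=2):
    """Group tweets by shortened link and flag links that many distinct accounts
    push across several trending topics. Returns {link: (n_accounts, topics)}."""
    by_link = defaultdict(lambda: {"accounts": set(), "topics": set()})
    for account, text in tweets:
        topics = {h.lower() for h in HASHTAG_RE.findall(text)} & trending
        for link in extract_short_links(text):
            by_link[link]["accounts"].add(account)
            by_link[link]["topics"].update(topics)
    return {link: (len(info["accounts"]), sorted(info["topics"]))
            for link, info in by_link.items()
            if len(info["accounts"]) >= min_accounts
            and len(info["topics"]) >= min_topics}


def suspect_accounts(tweets, flagged):
    """Accounts that posted any flagged link, for review rather than automatic action."""
    return sorted({acct for acct, text in tweets
                   if extract_short_links(text) & set(flagged)})


if __name__ == "__main__":
    flagged = flag_campaign_links(TWEETS, TRENDING)
    print(flagged)
    print(suspect_accounts(TWEETS, flagged))
```

Expanding the flagged links server-side (never in a user's browser) and checking the destination against a blocklist would be the natural next step.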
Not surprisingly, cyber crooks are using anything related to the holidays as enticing lures to get people to infect their mobile devices and PCs and spread even more spam and malicious content to their friends, families and colleagues. This year, scams offering free Apple iPads have been especially prevalent.
But hackers aren’t limiting their devious campaigns to reindeer and dancing elves. Hot topics ranging from the Sundance Film Festival, the World AIDS Day campaign, and anything related to actor Morgan Freeman’s botched speech calling for the U.S. to host either the 2018 or 2022 World Cup soccer tournament, return thousands of malicious tweets with truncated URLs.
To avoid becoming the next victim hoodwinked by a holiday-themed tweet, PandaLabs and other security software vendors advise Twitter users to avoid clicking on any suspicious links sent from unknown sources—particularly on seasonal or popular culture topics that are in the news—and to update their security software applications on a regular basis.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.