Twitter hit by ANOTHER attack - but this ain’t no worm
By Asavin Wattanajantra in Editorial
Posted in worm, social engineering, phishing, Twitter, Security on
If you’ve followed IT PRO for any length of time, you’ll probably know that Twitter has been suffering security wise all year.
The latest attack that became public on the weekend was first believed to be a cross-scripting worm, similar to the worm that a 17-year old managed to unleash on the Easter weekend.
However on closer inspection this isn’t all there is to it, according a post on Kapsersky’s Viruslist blog.
When clicking the link to tweets reading ‘best video’, a connection is quietly made to another server resulting in a malicious PDF being downloaded, which contains several exploits.
However, instead of a worm being downloaded with a successful exploit, a fake program will be downloaded, advertising fake anti-virus software.
The researcher couldn’t find any worm-like component, although the alert made it look like there was worm activity.
An explanation for this could simply be that the criminals behind the attack were using the stolen credentials of accounts which had been phished a week ago.
The blog said : “The attack is very significant. It would seem that at least one criminal group is now exploring the distribution of for-profit on Twitter.
“If the trends we’ve seen on other social platforms are any indicator for Twitter then we can only expect an increase in attacks.”
Twitter seems to be regularly hit with some sort of security scare, ever since January when a teenage hacker managed to take over high-profile accounts, while even celebrity twitterer Stephen Fry fell victim to a phishing attack.
We’ve also seen how a security researcher has said that Twitter’s API, used to make third party applications, is inherently flawed.
IT PRO has constantly tried to get in touch with Twitter simply to have some kind of statement, but has so far just come across a brick wall.
So what’s Biz and co gonna do? You can’t make money on something which is inherently unsafe (or can you?).
Not yet rated
Loading ...
Tag cloud
Most commented posts
- Ten reasons why people are leaving MySpace
52 comments
- My Michael Jackson blog post
- Ten reasons why World of Warcraft is better than Second Life
- Facebook user arrested for poking somebody
- What should the staff writer have as his smartphone?
- Beware of hacked Facebook applications
- Ten funny sightings on Google Street View
- Twitter didn't actually get hacked - Google did
- Microsoft sues firm for instant messaging spam
- Joining the sheep - I'm getting an iPhone
Highest Rated Blog Posts
- Ten tips to avoid your satnav driving you over a cliff (100%)
- Does unfiltered internet 'disturb children'? (100%)
- The brain-controlled laptop computer (100%)
- Why Twitter is a better news tool than Digg (100%)
- Apple and its obsession with secrecy (100%)
- Twitter isn't for teenagers? It's common sense. (100%)
- Farming and becoming a Godfather with Facebook (100%)
- Orange and the iPhone - competition is a good thing (100%)
- Bendy phones straight out of the future (93.4%)
- How Pirate Bay sticks two fingers up at the industry (80%)
