Twitter rogue app hits thousands &gt; Malware &gt; Vulnerabilities &amp; Exploits &gt; News &gt; SC Magazine Australia/NZ

Friday, March 18, 2011

Twitter rogue app hits thousands > Malware > Vulnerabilities & Exploits > News > SC Magazine Australia/NZ

Vulnerability Alerts

SANS

Infocon: green

Wipe, rinse and repeat, (Fri, Mar 18th)

Microsoft

Microsoft Security Bulletin Summary for February 2011

MS11-012 - Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628) - Version:2.0

CERT/CC

SA11-067A: Microsoft Updates for Multiple Vulnerabilities

SA11-039A: Microsoft Updates for Multiple Vulnerabilities

Latest Comments

Kevin D This is where it gets really tricky with the TSA; the govt itself can't make and put the parts...
Contractor jailed for poisoning database · 2 months ago

anonimoos Tired old arguments: We do not want to do it cos we think it dont work, so someone else should...
European ISPs fight mandatory filter · 2 months ago

Anon Snapple Anonymous didn't become recently famous in 2010 because of the attacks against Mastercard, Visa,...
Anonymous takes on Tunisian Government · 2 months ago

Kevin Stark Whilst I appreciate the support for the openness of the Internet and concerns about other...
UN talks on Internet Regulation labelled "offensive" · 2 months ago

John If we are going for assange then we better go for everyone who has no clearance to view the...
WikiWars: blow by blow · 3 months ago
Powered by Disqus

Malware

Twitter rogue app hits thousands

Related Articles

SQL injections dominate malware in 2010

(Un)happy birthday: The computer virus turns 40

Twitter introduces secure HTTP

Twitter boosts security with HTTPS

Twitter gets 20 years' good security bond

M86 social media scanner takes the worry out of surfing

Public mistrusts social media with data: survey

By Tom Brewster
Mar 15, 2011 10:56 AM
Tags: Twitter | malware

Scammers try to lure Twitter users into becoming part of their dirty game.

Thousands of Twitter users have fallen victim to viral scams spreading fast across the site, a security firm has warned.

Messages went out attempting to lure users into following links, with one scam focusing on a girl who purportedly committed suicide, Sophos said.

Del Harvey, director of trust and safety at Twitter, notified users about the problem via her own account.

“Seeing msgs about someone committing suicide after a parent posted something on their wall? Yeah, it's a spam app. Don't auth it,” Harvey posted.

About 9000 users had clicked on these links, taking them through to a rogue app, which then attempted to connect with their Twitter accounts, Sophos explained.

Once the scammers gained access to accounts, they could relay the messages across Twitter to snare yet more users. They could also generate money by getting users to click through to online surveys.

In another group of tweets, the perpetrators used a rogue application called Your Online Timer, pushing out messages which claimed users could calculate how long they had spent on Twitter.

Victims of that scam had a status update automatically placed on their accounts, again containing the same link.

Sophos warned scammers could use account access to post messages linking to malicious websites, phishing attempts or other spam campaigns.

“The last thing you want is for your Twitter followers to believe that you are being sloppy over your account's security, and potentially putting them at risk, too,” said Sophos senior technology consultant Graham Cluley.

These breakouts come shortly after Twitter announced a new, hidden security feature on the site, which scanned all links going through the service.

“By routing all links submitted to Twitter through this new service, we can detect, intercept and prevent the spread of bad links across all of Twitter,” Harvey wrote last week in a blog.

“Even if a bad link is already sent out in an email notification and somebody clicks on it, we'll be able keep that user safe.”

Recent data from Barracuda Labs showed the Twitter crime rate had shot up 20 percent, further indicating businesses needed to be careful about how they and their employees used the service.