Twitter as a trojan delivery mechanism

Computer Virus

There was an interesting write-up this morning on Kaspersi’s blog (the guys who make the antivirus) talking about a rogue Twitter profile that broadcasts links to a site spreading malware pretending to be a Flash player which then downloads and installed up to 10 banker trojans. This is not the first time security issues around Twitter have been discussed, but this one is interesting in that the technology behind it is quite simple, but the social engineering principle are quite scary. First of all, the confidence that people build up using Twitter is exploited as the URLs don’t look suspicious.Then there’s the fact that the malware pretends to be something Adobe created. It’s using the trust that Adobe have built over the years to pry access into the user’s domain.

Twitter themselves promise to be on the lookout for this sort of exploit, but it’s pretty difficult to monitor this sort of thing. They could use automated tools to scan URLs as soon as they are submitted. This itself would need tremendous computing power, but it doesn’t stop someone repointing the URL after it has been scanned. The best defence here is to be vigilant and to treat circumstances where someone promises an unrequested freebie as suspicious. Whether it’s a free supply or best diet pills, or free access to a website you normally need to pay for, the question you should be asking is: why?

Thinkstock Single Image Set

One comment

  1. You are correct, it is not that easy to define a link as suspicious simply because it is masked under TinyURL or another URL shortener. But in general I think the best protection online is our own brains: you just need to think before clicking any links. The same is true for fishing emails or spam: you are are safe looking unless you click something. I guess everyone should know that by now?

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.