Malware Using Official Twitter iPhone App Name To Spread

Posted on May 27, 2010 | Comments 0

Twitter is one of the safest places to procure social networking and meet new people, right? At one time, yes, that was a true statement.

However, in the recent months, more and more malware attacks have been showing up and they are starting to use Twitter as a breeding ground for them.

Infection Facts

Kaspersky Labs, a major security software maker, found a Trojan, named “Worm.Win32.VBNA.b,”the latest form of malware found on Twitter that is used to attack Windows based computers while utilizing the name of the first ever Official Twitter application to hide its true nature.

The connection between the app and the malware, which sends out infected links over Twitter’s public feed, is that it uses the name of the official iPhone app in a public Tweet sent by attackers and adds a link to it, supposedly directing people to the Official Twitter for iPhone website.

How it Infects?

However, the malicious link, which is shortened by one of the many URL shortening services available, directs unsuspecting Twitterers to a website that looks like the official site, but is infected with the Trojan.

A link shortening service, such as Bit.ly, makes it easy to hide malicious content inside links because they shorten them according to formulas.

The link that shows up in the feed could look as harmless as any other link does, making a malicious website’s name easily hidden as an unrecognizable URL.

A link that looks as if it is coming from the “Official Twitter app” is not likely to look suspicious, especially since there is an official app out there for iPhone users.

The Real Problem

The problem is not that the website includes links to infected downloads, as the website itself is harmless. Instead, the real problem is that if the unsuspecting user decides to “download” or run anything from the website, they are instantly infected with the Trojan. So how are you going to protect yourself and your computer?

Prevention

First, as a basic safety precaution, never click on a link if you do not know where it came from, even if it is from a friend or someone you follow on Twitter. A malicious link could have been retweeted by your friend without them realizing it.

Second, a plug in for Firefox users gives the user the ability to reveal the true destination of the link, before clicking on it. In addition, MyWot.com makes a toolbar and a button add-on, which reveals the security standing of a website.

While these are all useful tools in protecting yourself and your computer from malware attacks, know that the best protection is still a good anti-virus and anti-malware program.

Not only can these programs instantly detect most viruses in the wild, such as the one mentioned here, but they can stop you from going to a page that is infected in some cases.

Source: InformationWeek

Popularity: unranked [?]

Related Posts:

  1. Infected IBM USB Drives Given Out At AusCERT Conference & USB Malware Prevention
  2. Facebook “Clickjack” Attack Halted: Infected Site Offline, Not The First Attack
  3. Is All Adware Harmful?
  4. Are Apple Mac Computers Infectable?
  5. 10 Prevention Tips For Computer Health & Safety
  6. How To Be Safe On Facebook?


Posted in: SAFE COMPUTING

RSSComments (0)

Trackback URL

Leave a Reply