Jump to content
Login new information ×
Login new information

Huge Twitter spam campaign for fake antivirus discovered by Kasperksy

tezza

By tezza
in Security & Privacy News

Recommended Posts

tezza

tezza

Posted
Posted

A new spam campaign is pushing a fake antivirus via hundreds of fake Twitter accounts and thousands of tweets. Don’t click on links just because someone tweeted them to you.

Posted Image

Kasperksy today discovered a new spam campaign on Twitter pushing fake antivirus software. Since it is still ongoing, the numbers for it are likely much higher than what the security firm first reported: 540 compromised Twitter accounts sent out 4148 tweets, linking to a total of 44 unique domains (most of them hosted on .tk and .tw1.su).

A quick search on Twitter shows that the scam is still rampant. Here are a handful of tweets I saw while writing this article, to give you an idea of what the spam looks like:

@[real Twitter user] ” mystical ” [link] proven anti-virus

@[real Twitter user] ” commercial ” [link] proven anti-virus

@[real Twitter user] ” crisco ” [link] proven anti-virus

@[real Twitter user] ” banc ” [link] proven anti-virus

@[real Twitter user] ” meow ” [link] proven anti-virus

The compromised accounts spammed up to 8 messages per second, with links sending users to the infamous BlackHole exploit kit (see links below). As you can see in the screenshot above, if you click one of these links, you’re prompted with the following bogus warning: “Windows Antivirus 2012 has found critical process activity on your PC and will perform fast scan of system files!”

You are then told a fast scan is occurring (not true), at the end of which you are invited to install the aforementioned malware. Kaspersky says it tested various links and found that several variants were pushed to the infected machines.

At one point, the campaign stopped and then restarted with renewed gusto. I’ve been monitoring it myself on Twitter, and I can say that it’s still not over. While it may look like it’s dying down, the malware writers behind it can always give it new life by using old or new fake Twitter accounts.

As a general word of caution, don’t click suspicious links on Twitter. If you can’t tell whether a link is suspicious or not, don’t click it anyway.

http://www.zdnet.com...iscovered/11621

Link to comment
Share on other sites
  • Views 627
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...