Peaches Posted July 27, 2009 Report Share Posted July 27, 2009 Jul27Malicious Twitter Posts Get More Personal10:19 am (UTC-7) | by JM Hipolito (Technical Communications) One recent report by Rik Ferguson revealed that malicious Twitter posts are getting dangerously more customized, increasing the possibility of users getting hooked into malicious schemes.A Twitter spambot is said to have been used in launching this recent attack. The spambot creates Twitter accounts and fashion them to appear as legitimate accounts by posting seemingly harmless posts like those sharing certain music they listen to, or websites they visit. The spambot accounts then posts tweets directed to unknowing users, sharing a link to a PC repair tool they allegedly came across and used. As Rik Ferguson mentioned, the spambot posting tweets directed to specific users is a noteworthy social engineering technique that was clearly not seen as suspicious by Twitter admins. The spambot accounts were apparently created prior to a spam cleanup recently conducted by Twitter. Additionally, the spambot uses the URL shortener Doiop.com to mask the original URL in the posts, and for a not so good reason. The URL directs to a URL that triggers a couple of redirections that ultimately lead to the download of the file RegistryEasy.exe, which is detected as TROJ_FAKEAV.DAP. TROJ_FAKEAV.DAP comes off as an application that repairs registry problems. However, in true FAKEAV style, it merely displays false results to convince the user into purchasing the product.details & screenshots trendlabs - http://blog.trendmicro.com/ Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.