Twitter plagued by phishing malware

A new breed of malware is bringing phishing —a ploy where the perpetrator pretends to be a legitimate entity— to micro-blogging service Twitter.

 

Security vendor Trusteer said the attack involves injecting code into the browser to steal a Twitter user's credentials, allowing an attacker to tweet on the victim's behalf.

 

"The malware launches a Man-in-the-Browser (MitB) attack through the browser of infected PCs, gaining access to the victim’s Twitter account to create malicious tweets. The malware, which has been used as a financial malware to gain access to user credentials and target their financial transactions, now has a new goal: to spread malware using the online social networking service," Trusteer said in a blog post.

 

It said that while the attack is targeting Dutch Twitter users for now, the potential is there for the attack to be "used to target any market and any industry."

 

During an attack, Javascript code is injected into the victim’s Twitter account, and the malware collects the user’s authentication data.

 

Trusteer said protection against such an attack is difficult because the attack "uses a new sophisticated approach to spear-phishing."

 

"Twitter users follow accounts that they trust. Because the malware creates malicious tweets and sends them through a compromised account of a trusted person or organization being followed, the tweets seem to be genuine," it said.

 

Making matters worse is that since the tweets support shortened URLs, victims can click and be taken to malicious websites without suspecting anything is wrong. — TJD, GMA News