• Twitter Users Hit by LOL Phishing Attack

    Twitter Users Hit by LOL Phishing Attack

    Techtree News Staff, Feb 22, 2010 1939 hrs IST

    Beware of natural sounding links that might arrive as a Twitter direct message

    mail share


IT security and data protection firm Sophos has warned Twitter users about a major attack against Twitter users this weekend. The attack, which seems to be still underway was designed to steal passwords and use hijacked accounts to spread money-making spam campaigns.



The attack began on Saturday with many Twitter users finding that fellow members of the micro-blogging network had posted messages disguised as humorous links. These were nothing but phishing intended links to dubious sites. The messages included natural sounding ones like "Lol. this is me??", "lol , this is funny.","Lol. this you??" and "ha ha, u look funny on here", were accompanied with clickable links which redirected users to a fake Twitter login page hosted on a website based in China.


Sophos has made a YouTube video, which journalists and bloggers are free to embed on their own websites, demonstrating the attack. View it here.


According to Graham Cluley, a senior technology consultant at Sophos, the cybercriminals behind the attack are creating a zombie network, or botnet, of hacked accounts that they can then abuse to spread spam, distribute malware and steal identities. He also advises users to change their Twitter passwords immediately if they find sent messages in their outbox that they didn't manually send. Sophos also warns that the links are not passed on just through Direct Messages. These links are also being posted in public feeds which mean that you can stumble across the links even if they are not sent it directly, or even if they are not a signed-up user of Twitter.

 

Follow Techtree on Twitter

Related Links
Sophos Releases Top 10 Virus List
Virus Koobface Plays Havoc on Facebook, Twitter
AVG Free Edition 7.5.472
Tag keywords
Twitter Sophos Phishing virus



Opinion Poll