NEWS FROM THE LAB - Thursday, May 20, 2010

Twitter Attack Posted by Mikko @ 11:37 GMT

There's another malware run underway on Twitter.

A fairly large pool of fake accounts are sending out messages with popular hashtags and the text "haha this is the funniest video ive ever seen".

Twitter attack

People see these messages when they look for trending topics in Twitter.

The shortlinks in the Tweets point to a compromised page, which uses a Java exploit to drop a keylogger / banking trojan combo to your system.

The attack is unusually easy to follow by just looking at the source code of the page. Take a look at this:


F-Secure Anti-virus blocks access to the malicious pages and detects both the malicious Jar file and the trojan it drops. We have also reported the shortlink to bit.ly and they should disable it soon.

Lesson of the day is probably this: Do you really need Java in your browser? Seriously, do you? If not, get rid of it.