Government // Cybersecurity
News
12/7/2010
11:17 AM
Connect Directly
RSS
E-Mail
50%
50%

Twitter Worm Spreading Through Google Link

Malware is being distributed through the microblogging site's mobile app and URLs generated by the Goo.gl shortening service.

Top 5 Twitter Clients Revealed
(click image for larger view)
Slideshow: Top 5 Twitter Clients Revealed
The Twitter bird has become infected by a worm that is being spread via the link goo.gl/R7f68 and, perhaps, others.

A large number of messages are appearing on the popular microblogging site, according to a number of reports. Some unwitting users who click on the link are sent to the website of French furniture seller Artcan Developpement, which apparently has been hacked, then are redirected to various sites filled with malware scripts, Mashable said.

"We're aware and have sent out password resets for affected users. We'll monitor the situation in case of further iterations," Troy Holden, a Twitter support representative, told TechCrunch.

While some messages are coming from disposable Twitter accounts, other postings apparently are appearing from real Twitter accountholders, making it likely that the worm is spreading and sending the messages from now-infected accounts, various reports said. To date, all messages are coming from the mobile version of Twitter, according to Mashable.

On Tuesday morning, Twitter's site hummed with warnings in multiple languages, as accountholders warned followers not to open links ending in R7f68. But since the worm is only a few hours old, the format could quickly change, The Next Web warned. Indeed, TechCrunch reported it found the worm was being spread via http://goo.gl/od0az.

"What we've been able to learn is that the worm seems to be either creating or using a number of spam/newer accounts," The Next Web reported Tuesday morning. "That said, a few influentials have also tweeted the URL."

The R7f68 URL -- shortened using Google's goo.gl website-abbreviation service -- is sometimes part of a message stream: "Just found the easiest way to track who follows and unfollows you -- http://goo.gl/kLE5M," The Next Web said. But in some cases the link appears without this comment, reports said.

In addition, The Next Web cautioned Twitter users against postings that advertised a service called Fllwrs, and recommended that users revoke access to their Twitter site if such a posting appears.

Social media is increasingly becoming an attractive target for cybercriminals. Malware -- such as bots that launch spam and denial of service attacks, keyloggers and backdoor Trojan viruses designed to steal confidential data -- is a file or application that is downloaded from a website or computer that has properties that are involuntary and malicious. In September, Twitter halted a malware attack that spread malicious messages using cross-site request forgery.

Comment  | 
Print  | 
More Insights
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - September 10, 2014
A high-scale relational database? NoSQL database? Hadoop? Event-processing technology? When it comes to big data, one size doesn't fit all. Here's how to decide.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.