Government // Cybersecurity
News
12/7/2010
11:17 AM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Twitter Worm Spreading Through Google Link

Malware is being distributed through the microblogging site's mobile app and URLs generated by the Goo.gl shortening service.

Top 5 Twitter Clients Revealed
(click image for larger view)
Slideshow: Top 5 Twitter Clients Revealed
The Twitter bird has become infected by a worm that is being spread via the link goo.gl/R7f68 and, perhaps, others.

A large number of messages are appearing on the popular microblogging site, according to a number of reports. Some unwitting users who click on the link are sent to the website of French furniture seller Artcan Developpement, which apparently has been hacked, then are redirected to various sites filled with malware scripts, Mashable said.

"We're aware and have sent out password resets for affected users. We'll monitor the situation in case of further iterations," Troy Holden, a Twitter support representative, told TechCrunch.

While some messages are coming from disposable Twitter accounts, other postings apparently are appearing from real Twitter accountholders, making it likely that the worm is spreading and sending the messages from now-infected accounts, various reports said. To date, all messages are coming from the mobile version of Twitter, according to Mashable.

On Tuesday morning, Twitter's site hummed with warnings in multiple languages, as accountholders warned followers not to open links ending in R7f68. But since the worm is only a few hours old, the format could quickly change, The Next Web warned. Indeed, TechCrunch reported it found the worm was being spread via http://goo.gl/od0az.

"What we've been able to learn is that the worm seems to be either creating or using a number of spam/newer accounts," The Next Web reported Tuesday morning. "That said, a few influentials have also tweeted the URL."

The R7f68 URL -- shortened using Google's goo.gl website-abbreviation service -- is sometimes part of a message stream: "Just found the easiest way to track who follows and unfollows you -- http://goo.gl/kLE5M," The Next Web said. But in some cases the link appears without this comment, reports said.

In addition, The Next Web cautioned Twitter users against postings that advertised a service called Fllwrs, and recommended that users revoke access to their Twitter site if such a posting appears.

Social media is increasingly becoming an attractive target for cybercriminals. Malware -- such as bots that launch spam and denial of service attacks, keyloggers and backdoor Trojan viruses designed to steal confidential data -- is a file or application that is downloaded from a website or computer that has properties that are involuntary and malicious. In September, Twitter halted a malware attack that spread malicious messages using cross-site request forgery.

Comment  | 
Print  | 
More Insights
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.