Beware. PandaLabs has discovered a new attack on Twitter users. It says cyber-criminals have created hundreds of Twitter accounts and published thousands of comments in them under the topic “PhishTube Broadcast,” in relation to the popular rock band, Phish. This helps them push them into the ranking of most popular topics.
By infiltrating Twitter with comments, these cyber-criminals are ensuring their presence in the “Trending Topics” list, resulting in greater visibility and more user traffic to their comments.
The Trending Topics list appears in the interface of all Twitter users, listing the subjects most talked about by the network’s users. Clicking any of these topics returns a series of results displaying comments related to these issues and the users that have published the comments, says PandaLabs, Panda Security’s malware analysis and detection laboratory.
Now, if Twitter users click on the “PhishTube Broadcast” Trending Topics link, they will see the malicious comments published in the accounts created by the cyber-crooks. These include links pointing to a spoof pornographic Web page and users who click on any of the items on this page will end up infecting their computers with a copy of the PrivacyCenter fake antivirus.
A fake antivirus is a type of adware designed to run a spoof scan of the system, as if it were a legitimate antivirus. It falsely informs users that their computers are infected with malware. The aim is to make users believe their systems are infected, and then offer them the chance to eliminate this supposed malware by buying a ‘Premium’ version of the fake antivirus. The overall objective is to profit from these sales.
“With millions of users, this (Twitter) network is extremely attractive to cyber-criminals, and it is likely we will see it targeted more often in the future,” says Luis Corrons, technical director of PandaLabs.
A few days ago, PandaLabs had estimated that nearly 30,000 videos on YouTube are with comments containing links that point to a Web page designed to download malware. This is another example, it said, of how cyber-criminals are attacking popular Web 2.0 sites to distribute malware. Similar attacks have previously been seen, to a lesser extent, on sites including Digg.com and Facebook, informs PandaLabs. (Read: Are Cyber Crooks using YouTube, Facebook?)
As the social networking craze is growing among teens, cable, TV company Comcast suggests some tips to maintain privacy while using the online networks. It says parents should become familiar with networks like Facebook, Twitter, and MySpace to advise their children about the importance of being safe and smart while communicating online. (Read: 5 Tips to Use Facebooks, Twitters Gracefully)
Similarly, a study shows that teen girls who depict themselves online in a provocative way and who have a history of child abuse are more likely to receive online sexual advances. Then they meet those individuals offline. It suggests parents should know how their teenage girls present themselves online. (Read: Is Internet Bad for Teen Girls?)
PandaLabs, according to the company, has an automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts – malware or goodware.