Twitter Hit With Rogue AntiVirus Scam

By CIOinsight  |  Posted 01-21-2011 Print


EUC with HCI: Why It Matters

A worm hit Twitter looking to rope users into downloading rogue antivirus.

Thousands of Twitter users are believed to have been hit with malicious links tied to a rogue antivirus scam circulating the microblog service.

The scam is spreading through malicious links abusing the goo.gl URL shortening service. According to Kaspersky Lab, the malicious links redirect users to different domains with an "m28sx.html" page. That HTML page redirects users to a static domain with a Ukrainian top-level domain. From there, blogged Kaspersky Lab Senior Malware Researcher Nicolas Brulez, the domain redirects the user to an IP address pushing fake antivirus.

"Once you are on this website," Brulez blogged, "you will get [a] warning that your machine is running suspicious applications and you are encouraged to scan it. -- The user is invited to remove all the threats from their computer, and will download a fake Anti Virus [sic] application called 'Security Shield.'"

For more, read the eWeek article: Twitter Worm Pushing Rogue Antivirus Scam.


Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.

By submitting your information, you agree that cioinsight.com may send you cioinsight offers via email, phone and text message, as well as email offers about other products and services that cioinsight believes may be of interest to you. cioinsight will process your information in accordance with the Quinstreet Privacy Policy.

Click for a full list of Newsletterssubmit