Twitter Hit With Rogue AntiVirus Scam

Thousands of Twitter users are believed to have been hit with malicious
links tied to a rogue antivirus scam circulating the microblog service.

The scam is spreading through malicious links abusing the goo.gl
URL shortening service. According
to Kaspersky Lab
, the malicious links redirect users to different domains
with an "m28sx.html" page. That HTML page redirects users to a static
domain with a Ukrainian top-level domain. From there, blogged Kaspersky Lab
Senior Malware Researcher Nicolas Brulez, the domain redirects the user to
an IP address pushing
fake antivirus
.

"Once you are on this website," Brulez blogged, "you will get
[a] warning that your machine is running suspicious applications and you
are encouraged to scan it. — The user is invited to remove all the threats from
their computer, and will download a fake Anti Virus [sic] application
called ‘Security Shield.’"

For more, read the eWeek article: Twitter Worm Pushing Rogue Antivirus Scam.

CIO Insight Staff
CIO Insight Staff
CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need network monitoring technology and solutions to maintain regulatory compliance for their teams and organizations.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles