Web Hosting Security

  Home arrow Web Hosting Security arrow Fake Antivirus Scam Infiltrates Twitte...
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
WEB HOSTING SECURITY

Fake Antivirus Scam Infiltrates Twitter
By: wubayou
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating:  stars stars stars stars stars / 0
    2011-02-01

    Table of Contents:

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     

    SEARCH WEB HOSTERS

    TOOLS YOU CAN USE

    advertisement
    A new worm has been making the rounds in Twitter by posting malicious links on profiles that try to encourage users to download fake antivirus software. The worm was detailed in a blog post by Kapersky Lab's Nicolas Brulez. Its classification as a worm comes from the fact that it has been spreading between various accounts.

    While the fake antivirus scam is relatively new, Twitter is aware of the problem and is making an effort to rectify it. Accounts deemed as having been compromised and containing the malicious links are having their passwords reset by the social network. In addition to the resetting of passwords, Twitter is also working on removing the fraudulent links.

    The fake antivirus software, also commonly referred to as scareware, goes by the “Security Shield” moniker. Twitter users can see links on profiles that are disguised using Google's URL shortener. The goo.gl shortening service allows users to shorten lengthy URLs for convenience, but hackers can employ the service to hide the actual destinations of their links. This leads to some users to click on links that may appear harmless, but are actually malware.

    Once a user clicks on one of the shortened links, they are redirected through a series of URLs. They finally land on a popular Ukrainian domain that redirects them once again to an IP address that has been associated with other scareware scams in the past. Once on the page, users are encouraged to scan their computers for any existing malware. Approving the scan leads to yet another prompt, which asks them if they want to remove malware from their computers. As with other scareware, the scam leads the victims to believe that their computers are infected, and the only way to remove the threats is to download the rogue antivirus software. If the users accept the prompt to remove the threats, the Security Shield software begins to download.  

    Fake antivirus programs have a solid presence on the Internet, and they come in many forms and carry different legitimate-sounding names. Windows users are the biggest targets, primarily due to the fact that so many consumers have machines running on the operating system. Once hackers detect software vulnerabilities, they exploit them with the hopes of reaching as many victims as possible. Once downloaded, many of the phony programs will ask victims to pay for full versions of their software to clean their systems properly. While Security Shield claims to help downloaders with removing infections, it, like pretty much all other fake antivirus software, actually does nothing other than cause a nuisance.

    As for the origin or cause of the Security Shield attacks, no definitive answer exists as of yet. One possibility comes from December's attack on Gawker Media. A group called Gnosis successfully acquired the usernames and passwords of Gawker website members. Many of the usernames and passwords matched login data for Twitter, making those accounts vulnerable to attack. Since Twitter saw an increased presence of spam after the Gawker attack, it could be the source of the Security Shield scams, although that remains to be seen.

    For more on this topic, visit http://www.computerworld.com/s/article/9205800/Twitter_hit_by_fake_antivirus_software_scam


    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

    More Web Hosting Security Articles
    More By wubayou

    WEB HOSTING SECURITY ARTICLES

    - For Online Security, Invest in People
    - World`s Third-Largest Botnet Bites the Dust
    - Yahoo Security Breach Highlights Poor Practi...
    - How to Prevent Mobile Malware
    - FBI Issues Internet Security for Travelers a...
    - More of the Top Internet Scams
    - How to Stop Phishing Scams
    - Social Networking Safety Tips
    - How to Avoid Financial Fraud Online
    - Android`s Most Notorious Trojans and Viruses
    - GFI Report Details Top 10 Threat Detections ...
    - Sophos Releases Security Threat Report 2012
    - Facebook Safety Tips for 2012
    - Email Scam Hits Apple Users
    - Tips for Mobile Security

    Developer Shed Affiliates

     




    © 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap