Kaspersky Lab, a leading solutions for secure content and threat management, warns users about a new worm that exploits rapid Twitter Google goo.gl shortened links.
Shortened URLs are easy and popularly used in the micro-blogging which limits the length of messages to users of services like Twitter. However, the shortcut links for the serious security threat, because the text on a shortened URL is relatively obscure and a user does not know what it contains before ending up in an infected site. Hackers manage to successfully attract the unwary to use their malicious links truncated.
A recently discovered worm Twitter redirect chain pushes users to a website that provides AV thugs called "Safety Shield". After several referrals, a user is taken to the page related to the distribution rogue AV. The page uses techniques eclipse code that includes an implementation of RSA in JavaScript. Kaspersky Lab has found thousands of Twitter messages continue to propagate the worm.
Kaspersky Lab malware researcher Nicolas Burn discovered that when you are on this site, you will receive a warning stating that your machine is running suspicious programs. The warning will invite users to remove all threats to their computer and download AV thugs "Safety Shield". As usual, the result is to download the program that the user's machine is infected with malware.
All products Kaspersky Lab is capable of detecting this threat through a built-in heuristic analyzer. However, users should always keep in mind that clicking on random links can cause serious infections on their machine.
Shortened URLs are easy and popularly used in the micro-blogging which limits the length of messages to users of services like Twitter. However, the shortcut links for the serious security threat, because the text on a shortened URL is relatively obscure and a user does not know what it contains before ending up in an infected site. Hackers manage to successfully attract the unwary to use their malicious links truncated.
A recently discovered worm Twitter redirect chain pushes users to a website that provides AV thugs called "Safety Shield". After several referrals, a user is taken to the page related to the distribution rogue AV. The page uses techniques eclipse code that includes an implementation of RSA in JavaScript. Kaspersky Lab has found thousands of Twitter messages continue to propagate the worm.
Kaspersky Lab malware researcher Nicolas Burn discovered that when you are on this site, you will receive a warning stating that your machine is running suspicious programs. The warning will invite users to remove all threats to their computer and download AV thugs "Safety Shield". As usual, the result is to download the program that the user's machine is infected with malware.
All products Kaspersky Lab is capable of detecting this threat through a built-in heuristic analyzer. However, users should always keep in mind that clicking on random links can cause serious infections on their machine.
