Thousands of Twitter users are believed to have been struck with malicious links tied to a rogue anti-virus hoax circulating the microblog service.
Scam is spreading malicious links goo.gl wrong URL shortening services. According to Kaspersky Lab, malicious links to redirect users to different areas with "m28sx.html page. This is an HTML page directs users to a static domain, the Ukrainian top-level domain. From there, the blog of Senior Research Kaspersky Lab Malware Researcher Scientist Nicolas Brulez, the domain name directs the user's IP address, press the fake antivirus.
"Once on this site," Burn blog, "I [a] warning that your machine is running suspicious applications and invite you to explore. ... The user is prompted to remove all threats to your computer and download a fake antivirus application [sic] called "Safety Shield."
Del Harvey, Director of Trust and Security on Twitter, tweeted about the day that the company aims to remove the malicious link, and reset passwords compromised accounts.
"What is not yet clear how Twitter users have found their accounts compromised in this way," blogged Graham Cluley, senior technology consultant at Sophos. "The natural suspicion is that their user names and passwords have been stolen. This is certainly a wise precaution for users who have found their Twitter goo.gl unexpected post links to change their passwords immediately."
Such attacks are nothing new Twitter. In December, users have been targeted shortened their direct link to jeopardize the site of the French furniture company before sending them to each other. In this case, malicious URLs pointed to a copy of the toolkit Neosploit attack.
News Source : Google