Monday, April 22, 2013

In Twitter fixed malicious campaign

Cybercriminals are using compromised Twitter-accounts for posting links to malicious software, said in an IT company Trusteer. The company said the discovery of a new version of the malware TorRAT, which has traditionally been used to launch attacks against financial institutions.

"Trusteer recently identified a new active configuration TorRAT, aimed at users of the micro-blogging Twitter. Malware applies the attack Man-in-the-Browser to attack your computer's web browser and access to the account in Twitter to create malicious links," - said in a Post an IT company.

In Trusteer said that the infected tweets are sent through legitimate accounts on the network, which greatly increases the level of confidence in the reports and provokes the reader to move on viral link. "Protected from such attacks is particularly difficult, as the organizers of the attacks use sophisticated model of phishing. Users simply follow the Twitter account, completely nepodozrevaya that he may already be compromised," - said in a Trusteer.

Additional risk attack makes the fact that Twitter uses the URL shortening so that the user can see the target address of the jump after being moved to a malicious resource. In Trusteer said that he had seen them attack types rely on specialized code JavaScript, which is trying to convey to the user's computer malware. In addition, in some cases, attackers have used Twitter API to work with additional features microblogging platform.

No comments:

Post a Comment