Twitter is a very popular platform for expressing whatever is on a user's mind, making it a favorite target of malware authors. Trend Micro has published several blog entries that discussed attacks on Twitter. Now, the creators of Koobface included a new component in the malware to target the vast number of Twitter users. They've come up with the latest update to the Koobface loader binary and other known Koobface components that target social networking sites like Facebook, MySpace, Hi5, ...

The hype after recent mass compromises has not even died down yet and already another massive attack has been launched. Trend Micro was alerted to the emergence of another mass compromise, dubbed Nine Ball, for the same reason Gumblar was named Gumblar. This time, however, the Nine Ball domain was only one of hundreds of landing pages users could be redirected to. As reported by Ivan Macalintal, Trend Micro Threat Research Manager, the infection starts when a user accesses a compromised site that ...

URL redirection services like TinyURL have grown from almost nothing in recent years, due entirely to the success of Twitter and its 140-character limit. For most users, they represent a welcome convenience as they make their tweets, status messages, and other such space-limited posts throughout the day. Unfortunately, cybercriminals have used such services as part of various schemes before. Earlier this week, in fact, it's safe to say the Internet dodged a big bullet. The database of Cligs, the #4 URL redirection ...

The violent protests by activists unhappy with the results of the recently concluded Iran presidential elections are being paralleled by DDoS attacks organized by hacktivists to bring down Iran government websites. Although it hasn't been confirmed if the DDoS attacks were indeed successful, several Iranian government websites have been reported inaccessible. Noah Shachtman from Wired expressed his concerns about Iran's network infrastructure being centralized, which causes Internet connection across the country to normally be unstable as it is. Unnecessary, overwhelming traffic ...

Aside from Gumblar, another incident of mass compromised web sites have been seen in the wild lately, and has raised as much concern as the former. This one starts with the same technique: a malicious IFRAME unknowingly embedded in a legitimate website, injected via JavaScript. The said IFRAME redirects to another IFRAME, which in turn executes obfuscated JavaScript code. Once decoded, it tries to connect to URLs to download exploits for several vulnerabilites in order to gain access of the affected ...