Dec 20, 1:39 pm (UTC-7) | by Jonathan Leopando (Technical Communications)
Twitter’s list of trending topics appears to have been hit hard by another variant of the familiar “see who unfollowed you” scam:
Significant numbers of Tweets containing the above message are being sent out. Each says that a certain number of people have unfollowed the sender and tells readers to click on the link to find out who unfollowed them. A few hashtags were generally attached to the end of the tweet.
What happens when you click on the link? You are redirected to a page for a “Followers Monitor”, which leads eventually to a page asking you to authorize an application to use your Twitter account. This rogue application is able to carry out such “minor” operations as reading your tweets, updating your profile, and even posting tweets on your behalf. If you actually give the app access, of course, the first thing it will do is post its own version of the spammed Tweet.
The choice of hashtags used by this attack was harvested from the trending topics seen overnight. Some were related to the Monday Night Football game which was airing (and trending) at the time this attack took place, while others were more random, as can be seen above.
Be careful about clicking on links from Twitter, particularly ones like these that claim you can learn who unfollowed you – they are always a scam. If you do inadvertently click links like this, you can undo some of the damage by removing the app’s authorization to access your Twitter account. This option can be found under the Applications tab of your settings. Trend Micro already blocks the above page, so users are already protected from this threat.
Update as of 7:30 PM (UTC-7), December 20, 2011
We’re still seeing spammed Tweets that are similar to this attack, although some variants seem to have stopped mining the trending topics for hashtags to use. Please consider any link that comes from s0rt(dot)tk to be malicious and don’t click on it.