Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    May 2013
    S M T W T F S
    « Apr    
     1234
    567891011
    12131415161718
    19202122232425
    262728293031  
    • About Us
    Trendlabs Security Intelligence > A New Twitter Worm Is Making the Rounds

    A new Twitter worm is making the rounds. If you receive a direct message from a “friend” that contains the following message:

    “This you????”

    It is likely malicious. Clicking the link, http://twitter.login.{BLOCKED}home.org/login/, will redirect you to a subpage of the said domain. You will then be prompted to log in to your Twitter account.

    Note how closely the fake login page duplicates Twitter’s actual login page:

    Click for larger view

    Once you log in, your credentials will be stolen and all of your followers will receive a direct message from you with a link to the same site, allowing the worm to further propagate. Doubtlessly, at some point in the future, the cybercriminals behind this attack will use the same stolen credentials to send out other malicious content from a huge number of compromised Twitter accounts.

    So remember, think before you click! For more great tips and tricks with regard to social networking, you may read this.

    Trend Micro™ Smart Protection Network™ protects product users from this kind of attack by blocking user access to the malicious domain and other related sites.





    Share this article
    		 Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon



    This entry was posted on Wednesday, February 24th, 2010 at 2:03 am and is filed under Bad Sites, Mobile . Both comments and pings are currently closed.



    • http://www.facebook.com/sean23465 Sean De Erio

      What is the worm’s name?

    • Pingback: Diet Twitter Spam (on the) Run

    • Pingback: A New Twitter Worm Is Making the Rounds « Spyware Explained

    • minglai

      Got a DM like this. The URL was shortened by TinyUrl and when I clicked it, TinyUrl displayed this page that said they have classified the user who sent it to me as a spammer. I wonder though if they did that or if Twitter did the classifying…

    • Melinda

      ok, so I was infected with this virus and changed my password (I have a Mac BTW). Do I need to change my password on every site I have that shares the same password such as my bank account or do I just need to change twitter?

    • TedLSimon

      So, I fell for this one (let my guard down for just a moment). Having done all the wrong things, my question is: what do I do now to regain my security?

    • katie

      My account was compromised this morning. My account sent out the above DM, but I swear I never logged in using that fake twitter page. How did Kevanshome.org get into my account to send out the phishing DM's?



     

    Other Trend Micro blogs
    CTO Insights
    CounterMeasures Blog
    Cloud Security Blog
    Consumerization Blog
    Fearless Web
    Internet Safety for Kids & Families
    Simply Security News
    Trend Micro Blog [German]
    TrendLabs Security Blog [Japan]
    Cloud Security APAC
    Trend Micro Free Tools Threat Encyclopedia Trend Micro Videos
    Do you have a product-related question? Visit our eSupport website.

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice