We’re all well aware of Twitter spam accounts but these are gradually turning nastier and nastier. They started out with – usually – pictures of nubile young women whose profile link might lead you to some nefarious site. But now they are starting to embed payloads in these links while @’ing random Twitter users to catch their attention.
The link in the post above is blurred, but leads on to a site hosting some JavaScript.
As security analysts trendmicro points out, if this JavaScript is executed by the browser, an “unpleasant payload” is delivered to the user’s PC.
Trendmicro has seen malicious PDF documents and executable files appear via this spam which, once running, tries to connect to download even more malware.
By using an “@” reply in the tweet, this strategy is a change from the Gaza and FIFA World cup Twitter spam run earlier this month which used social engineering to lure people into thinking they were clicking on a news item.
The malware downloaded in that case performed such operations as sending and receiving files, keylogging, and retrieving user names and passwords.