Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
According to PandaLabs, cybercriminals have created hundreds of Twitter accounts and published thousands of comments in them under the topic ‘PhishTube Broadcast', in relation to the US rock band Phish.
With the large quantity of micro-blogs, or Tweets, published on a similar topic, they can ensure that the topic appears in the Trending Topic list meaning a greater visibility and more user traffic to their comments.
PandaLabs claimed that if a Twitter user clicks on the ‘PhishTube Broadcast' Trending Topic link, they will see the malicious comments published in the accounts created by the spammers. The links include points to a spoof pornographic website. If a user clicks on any of the items on this page they will become infected with a copy of the PrivacyCenter fake antivirus.
Luis Corrons, technical director of PandaLabs, said: “We have recently been warning of an increase in Black Hat SEO attacks, particularly those aimed at selling fake antivirus products. In this case, instead of a search engine, the Twitter ranking mechanism is the target of the attack, forcing topics to appear in the list of the most popular.
“Anyone interested in this topic will most likely end up on one of the thousands of malicious comments posted, although we have also seen a few legitimate comments. With millions of users, this network is extremely attractive to cybercriminals, and it is likely we will see it targeted more often in the future.”
Writing on the PandaLabs blog, threat researcher Sean-Paul Correll claimed that this had expanded from one trend to nearly all topics overnight. He claimed that over the past 24 hours, there have been several thousand tweets targeting trending topics on Twitter as cybercriminals target twitter trends in real-time.
Correll said: “The emergence of this type of threat distribution method demonstrates how cybercriminals are adjusting and evolving to the newer services offered on the Internet. It's especially dangerous with sites like Twitter, which offer up to the second updates (or live tweets) of events as they unfold in real time.
“In the future, sites which promote an unfiltered and open dialogue through a global hive of users will have to think twice about the potential threats exposed by features or even API services that they offer.”See original article on scmagazineuk.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.