Twitter and Twitter users are being targeted by a malicious worm. The worm sends out tweets with a goo.gl shortened URL link directed to a rogue antivirus application. The attack demonstrates once again how URL shortening can be a Pandora's box as users click on links with no clue where they might lead.
Similar Articles:
A post on Naked Security by Sophos' Graham Cluley describes the threat. "Thousands of Twitter users are finding that their accounts have been tweeting out malicious links without their permission, pointing to a fake anti-virus attack," adding, "A quick search on the popular micro-blogging network finds many tweets from users containing no message other than a goo.gl shortened link (Google's equivalent to bit.ly or tinyurl), which itself points to a URL ending with "m28sx.html".
Attacks hiding behind shortened URLs are not new, and are also not technically challenging to execute. By their very nature, URL shortening services like goo.gl and bit.ly take cumbersome, long URLs and condense them down to a nice, short alias that can be used in its place. The concept makes it much easier to send some exceptionally long links, and is a necessity for a site like Twitter which caps messages at 140 characters.
Adam Wosotowsky, principal researcher at McAfee Labs, explains, "Shortened URL sites are not 100 percent malicious, so blocking the domain completely can cause false positives, which is something researchers try and avoid. Goo.gl is an example of a site associated with Google, so blocking the domain may be frowned upon by Google, allowing the spammer to continually abuse the site."
via pcworld.com
Comments
Post a Comment