Twitter worm fakes anti-virus

A fast-moving Twitter worm is in circulation, using Google’s goo.gl redirection service to push unsuspecting users to a notorious scareware (fake anti-virus) malware campaign.

At 8:45 a.m EST today, this Twitter search shows thousands of Twitter messages continuing to spread the worm.

The malicious links go through a number of redirections which. The redirection chain may push Twitter users to a fake anti-virus (scareware) serving the “Security Shield” Rogue AV. The webpage is using exactly the same obfuscation techniques as a previous version (Security Tool), which is an implementation of RSA cryptography in JavaScript to obfuscate the page code.

…………………………………………….
Source:
http://www.zdnet.com/blog/security/twitter-worm-hits-googl-redirects-to-fake-anti-virus/7938?tag=nl.e539
http://www.securelist.com/en/blog/11136/New_Twitter_worm_redirects_to_Fake_AV

Leave a Reply

Your email address will not be published.