Scammers hit Twitter with tainted tweet storm

By Byron Acohido, USA TODAY

A flurry of tainted micropostings is swamping Twitter with malicious scams, making it tougher to trust tweets even from people you know, security researchers say.

Several attacks that launched last week used tried-and-true e-mail spamming techniques. "We're seeing old scams migrating to the popular social networks," says Matt Marshall, lead researcher at Redspin, which tests network defenses.

Two began when crooks created Twitter accounts en masse, then sent tweets carrying links to promotions for fake anti-virus protection, says Mikko Hypponen, senior researcher at F-Secure.

One wave keyed off Twitter's top 10 "trending topics," spreading bad links in tweets purportedly about subjects generating the most microposts globally. Another copied tweets sent by real people and resent them with links triggering fake anti-virus pitches, Sophos researcher Beth Jones says.

In a separate attack, private microposts — called direct messages, or DMs — were blasted out to individual Twitter members. "People have a built-in trust in messages that appear to be from friends," says Sean-Paul Correll, Panda Security researcher.

These DMs carried links designed to steal passwords and recruit people for work-at-home schemes to toil as money mules, setting up bank accounts to help thieves extract funds from hijacked financial accounts.

Twitter, one of the hottest social sites, with an estimated 30 million users, declined to comment. Facebook, MySpace, LinkedIn and other social sites have also been hit hard by corrupted postings. But Twitter has increasingly borne the brunt — and is likely to remain a top target, security experts say.

Twitter makes setting up accounts quick, easy and anonymous, if preferred. Micropostings, called tweets, are limited to 140 characters and flash across the Internet in real time. Web links come shortened, making it impossible for participants to see the name of the originating Web domain.

This all works perfectly for cybercriminals, says Jamz Yaneza, Trend Micro researcher. "The bad guys easily twist this for their own purposes."

Security analysts expect attacks on social networks, especially Twitter, to intensify in the coming holiday shopping season. "Twitter hasn't done anything wrong," says Gerry Egan, director of Symantec's security response team. "This is simply another case where malicious attackers are using neutral technology as a means to their deceptive ends."

Internet users should keep anti-virus suites current, promptly install all software updates from Microsoft, Adobe and Apple, and distrust messages that use scare tactics. Also, free tools are available; some can unravel shortened Web links before you open them; others verify that a Web link is safe.

http://www.usatoday.com/tech/news/2009- ... tter_N.htm