News Item

Twitter Posts Lead to Rogue Anti-Virus Malware

By: Matt Liebowitz, MSNBC

Fake anti-virus software has been around for a long time, and there's a reason — the attackers who spread it convince you your computer is in trouble, and, you guessed it, they've got the solution. Now, these scammers are using Twitter to reach a larger pool of victims, and delivering a particularly nasty payload in the process.

If you see tweets promising "proven," "trusted" or "excellent anti-virus software, especially tweets ending in .TK or .tw1.su, do not click on them, Nicolas Brulez from the security firm Kaspersky Lab reported. The posts, which have been spreading around Twitter for days and are currently still active, take those who click the links to sites hosting the BlackHole exploit kit, a malicious Russian Web app that in turn redirects victims to corrupted sites.

In this case, users who click on the rogue anti-virus links receive an alert that their computer is infected, and the anti-virus program will perform a free scan of their system. The scan, of course, reports that it detects a number of Trojans on the victim's computer, and then prompts them to install  fake anti-malware software.

Read more...