Symantec researcher Joji Hamada has answered the question why cybercriminals constantly seek to hack user’s Twitter accounts, as he has spotted a rash of compromised accounts tweeting links to some quite serious malware.
Of all the social media services, he says, Twitter is being favoured, as it allows the hackers to transit short links – that users curiously click on, ITSP notes – and which then infect the users’ smartphones with malware.
The latest Twitter campaign, he says in his latest security posting, appears to have started early last month and has affected many users on a global basis.
“A broad range of accounts have been compromised for weeks and many users have yet to notice that their accounts are sending out malicious tweets, even though hundreds of tweets may have already been sent,” he notes.
The good news, he says, is that most of the links appear to be in Russian. If, however, you understand Russian and are following users who regularly tweet in Russian, you need to be wary.
After a user clicks on the link, Hamada says that sites hosting malware will then be opened in the smartphone’s browser, which will then trigger an automatic download of an infected app.
Even though the apps are downloaded automatically, however, the Symantec researcher adds that users will still need to manually install the app, which appears to generate premium rate text messages in the background, so generating revenue for the hackers.
“There are also tweets with intriguing images to entice users to click on the link and download malware onto their device. The accounts are not always compromised and may have been prepared by the scammers. Keep an eye out for this type of scam,” he warns.
Hamada goes on to say that he and his team are working with Twitter to help those who have been compromised.
To confirm if your account has been compromised, he advises that users should check if your account(s) have made tweets you do not recall and check if you are following accounts you do not remember following.
“To prevent your accounts from being compromised, use difficult passwords, watch out for phishing scams, and protect your computers and devices from being compromised by malware that steals account information by following security best practices such as keeping the operating system and all installed software patched and using up-to-date security software,” he says.