Direct Messages on Twitter Link to Malware
The Twitter 'fail whale' error message, created by Australian artist Yiying Lu.
CREDIT: Twitter/Yiying Lu
Twitter's direct messages supposedly can only be sent to you by people whom you follow — and, presumably, trust.
But be extra-cautious before clicking on any links that are direct-messaged your way. Users are discovering that private messages on the micro-blogging service, which appear to come from trusted friends, actually contain malicious links that attempt to plant known Trojans onto their computers.
The wording may be varied, but the trick is the same. A message calling the recipient "famous" or "awful" contains a link masquerading as the URL for a funny or embarrassing video on Facebook.
When the potential victim clicks through, however, the resulting Web page prompts him with a request to update YouTube to Flash Player 10.1. The linked file, FlashPlayerV10.1.57.108.exe, is actually a backdoor Trojan that Sophos recognizes as Troj/Mdrop-EML, capable of writing itself onto other drives and shared networks.
Adobe Flash Player 10.1 is actually an outdated version from June 2010. The most current version is Flash Player 11.4.
This isn't the first time online criminals have set their sights on Twitter users' inboxes. In April, a phishing scam preyed on people's online reputation fears with messages like, "Hi this user is posting very bad things about you," followed by a link that went to a failed login screen.
Twitter users should always check suspicious URLs and make sure browser plug-ins and add-ons are updated and secure. Sometimes users let their guard down when it seems like a link or message came from a friend.
It pays to double-check the sender's style (for example, does it read like something your friend would write? Is his or her grammar usually this terrible?), but as Will Oremus pointed out in Slate, on Twitter, that's not always easy to do.
"The beauty of the Twitter direct-message hack is that Twitter's brevity constraints sometimes force even accomplished writers to construct sentences like 'lol ur famous now,'" he said. "On Twitter, in short, we all write like spammers."
It's unclear how active, normally trustworthy Twitter accounts are becoming compromised, or whether Twitter is taking action to mitigate the problem.
If this happens to your account, it’s a good idea to change your password right away and revoke the Twitter access you may have given to any third-party applications.
Follow Ben on Twitter @benkwx.