Cybercriminals are using compromised Twitter-accounts for spreading malware

Posted: April 23, 2013 in IT Security News
Tags: , , , , , ,

Twitter hackedThe attack can be achieved by the introduction of Javascript code in your account page in the social network.

In one of the most popular social networks Twitter world was discovered malware aimed at social network users. This was reported by Tanya Shafir,  Trusteer’s researcher.

As declare in the company, the malicious software carries out MitB-attacks, using the web browser of the infected computers thanks to what get access to the account to Twitter from which the attackers and spread malicious entries.

“Trusteer recently identified a new active configuration of malicious software aimed at users of the micro-blogging Twitter. The malware uses the method of attack Man-in-the-Browser to attack your computer’s web browser and access to the account in Twitter to create malicious links, ” – said in a Trusteer.

Previously, this type of malware was designed to steal banking data card users, now the main goal is to spread malware through the social network.

As reported by Shafir, currently software is aimed at the Dutch people. However, given the fact that Twitter users are registered from all over the world, virtually every region and every industry can become a victim of cyber attacks.

The attack can be achieved by the introduction of Javascript code in your account page in Twitter:


A malicious program collects data for authorization, so an attacker can use Twitter API to create malicious entries on behalf of the victim.

Here is an example of malicious tweets:

«Onze nieuwe koning Willem gaat nog meer verdienen dan beatrix. check zijn salaris»

«Beyonce valt tijdens het concert van de superbowl, zeer funny!!!!»

Each entry contains the following malicious links (currently inactive)

hXXp :/ /

hXXp :/ /

hXXp :/ /

hXXp :/ /

“Defend against such attacks is particularly difficult, as the organizers of attacks use a complex model of phishing. Twitter users simply follow the account, completely unaware that he may already be compromised,” – said the Trusteer.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s