Backdoors in Twitter, Now in Arabic

June 30, 2010 by  
Filed under Security News


Views 93 views  
FaceBook Logo FB Comments
Comments Leave a Comment

Twitter is becoming a common medium to spread spam, malware and all kinds of badness. Just a few weeks ago, we wrote about FIFA and the Gaza attacks being used as social engineering leverage by Trojan creators, and there are no signs of them stopping any time soon.

 

Over the past two weeks, several Twitter accounts were created for the sole purpose of tweeting Poison Ivy or Bifrost download links. Both Poison Ivy and Bifrost are backdoors, malicious programs that allows an unauthorized user access to the infected machine. Interestingly, these backdoor programs are uploaded at either freewebtown.com or leadhoster.com, both free web hosting sites.

 

81766c1c0eb9b70dc1c697e1e3de54d2 Backdoors in Twitter, Now in Arabic00e62a3ab3740a2b124f92d05412663a Backdoors in Twitter, Now in Arabic
For some of our readers, these things aren’t new, but what caught my eye are these tweets written in Arabic:
bbc9b88e86f6979c7ba438e0ffa7faf4 Backdoors in Twitter, Now in Arabic

 

Cybercrime groups it seems, are broadening the scope of their social engineering by employing localization techniques. Quite clever huh?

 

Lastly, these rogue Twitter accounts either have very few or no followers and following, which means the only way for potential victims to see the backdoor URL is to do a Twitter Search with the appropriate keywords. Hmmm… blackhat SEO Twitter style anyone?

 

Source: http://blog.trendmicro.com/


FaceBook Comments



Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!