Backdoors in Twitter, Now in Arabic

June 30, 2010 by  
Filed under Security News

Views 97 views  
FaceBook Logo FB Comments
Comments Leave a Comment

Twitter is becoming a common medium to spread spam, malware and all kinds of badness. Just a few weeks ago, we wrote about FIFA and the Gaza attacks being used as social engineering leverage by Trojan creators, and there are no signs of them stopping any time soon.


Over the past two weeks, several Twitter accounts were created for the sole purpose of tweeting Poison Ivy or Bifrost download links. Both Poison Ivy and Bifrost are backdoors, malicious programs that allows an unauthorized user access to the infected machine. Interestingly, these backdoor programs are uploaded at either or, both free web hosting sites.


Click for larger viewClick for larger view
For some of our readers, these things aren’t new, but what caught my eye are these tweets written in Arabic:
Click for larger view


Cybercrime groups it seems, are broadening the scope of their social engineering by employing localization techniques. Quite clever huh?


Lastly, these rogue Twitter accounts either have very few or no followers and following, which means the only way for potential victims to see the backdoor URL is to do a Twitter Search with the appropriate keywords. Hmmm… blackhat SEO Twitter style anyone?



FaceBook Comments

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!