A new worm has invaded Twitter accounts, spreading links to malicious websites that are designed to look like an antivirus service. The threat was first reported in a blog post yesterday by Graham Cluley of the Internet security firm Sophos and Kaspersky.
The worm uses Google’s URL shortener goo.gl to post generic links on unsuspecting users’ Twitter accounts. When users click the link, they’re taken to a phony antivirus website promoting a service called “Security Shield.” The program is actually malware seeking to infect computers. When the program is installed, it falsely reports a virus infection and asks for money in order to remove the virus from the system.
Fortunately, the threat has been mitigated, as most legitimate antivirus programs have been alerting users before any damage is done, provided that antivirus subscriptions have been recently updated, of course. Google now also appears to be aware of the problem and has disabled goo.gl links that redirect to the malicious site. Users who discovered mysterious links posted to their feeds should change their Twitter passwords.
It’s not the first time Twitter has fallen under attack from a worm. In September, the micro-blogging site’s security was breached and thousands of users found their accounts hijacked to post links to porn sites.