A new worm has invaded Twitter accounts, spreading links to malicious websites that are designed to look an antivirus service. The threat was first reported in a blog post yesterday by Graham Culey of the the Internet security firm Sophos and Kaspersky.
The worm uses Google’s URL-shortener goog.le to post generic links on unsuspecting users’ Twitter accounts. When users click the link, they’re taken to a phony antivirus website promoting a service called “Security Shield.” The program is actually malware seeking to infect computers. When the program is installed it falsely reports a virus infection and asks for money in order to remove the virus from the system.
Fortunately, the threat has been mitigated as most legitimate antivirus programs have been alerting users before any damage is done — provided that virus subscriptions have been recently updated, of course. Google now also appears to be aware of the problem and has disabled goog.le links that redirect to the malicious site. Users who discovered mysterious links posted to their feeds should change their Twitter passwords.
It’s not the first time Twitter has fallen under attack from a worm. In September, the micro-blogging site’s security was breached and thousands of users found their accounts hijacked to post links to porn sites.
- Millions of Android users are at risk from ‘drive-by’ cryptomining
- Cryptocurrency mining bot spreading via Facebook Messenger in Chrome for desktop
- Sorry kid, access denied: Our favorite, free parental control software
- Find out how to track a phone with these helpful tracking tips
- Google took down more than 700,000 apps from the Play Store in 2017