http://pandalabs.pandasecurity.com/archive/tags/Trends/default.aspxTags: TrendsenCommunityServer 2.1 SP2 (Build: 61120.2)http://pandalabs.pandasecurity.com/archive/Rogueware-campaign-on-Twitter-continues_2E002E002E00_.aspxThu, 04 Jun 2009 08:13:00 GMTb262f9bf-63e5-46e5-8a14-4069a6997bc7:1003Sean-Paul Correll0http://pandalabs.pandasecurity.com/comments/1003.aspxhttp://pandalabs.pandasecurity.com/commentrss.aspx?PostID=1003 <p align="left">The Twitter Trends based attack <a href="http://pandalabs.pandasecurity.com/archive/Rogueware-Campaigns-now-blending-into-Twitter-Trends.aspx" target="_blank">we blogged about yesterday</a> has expanded from just one trend to nearly all of them! &nbsp;&nbsp;Over the past 24 hours, there have been several thousand tweets targeting trending topics on Twitter and the numbers continue to rise.&nbsp;<br /> <br /> <a href="http://www.flickr.com/photos/lithium-/3594094709/sizes/o/"><img alt="@lithium" border="0" src="http://farm4.static.flickr.com/3553/3594094709_88d050b2dd.jpg" /></a><br /> <br /> <strong>Example Tweets:</strong><br /> <br /> <a href="http://www.flickr.com/photos/lithium-/3594902566/sizes/o/"><img alt="Malicious Tweets" border="0" src="http://farm4.static.flickr.com/3400/3594902566_ae651d6646.jpg" /></a><br /> <br /> As you can see from the example tweets, the cyber criminals are targeting twitter trends in real-time.&nbsp; &nbsp;&nbsp;I went ahead and captured every tweet up until about 8PM tonight and put together a Tag Cloud so that you can see what terms were targeted more frequently.<br /> <br /> <a href="http://www.flickr.com/photos/lithium-/3594094809/sizes/o/"><img alt="Tag Cloud" border="0" height="400" src="http://farm4.static.flickr.com/3377/3594094809_c266bbb150.jpg" width="500" /></a><br /> <br /> Clicking on any of the links will put you through a series of redirects, at which point you will arrive at a website prompting you to install a fake Adobe Flash plugin (flash_player_plugin.exe).&nbsp; If the so-called &ldquo;plugin&rdquo; is installed, then the computer will be infected with <a href="http://www.pandasecurity.com/homeusers/security-info/about-malware/encyclopedia/overview.aspx?lst=det&amp;idvirus=207660">Adware/PrivacyCenter</a>.<br /> <br /> <a href="http://www.flickr.com/photos/lithium-/3594094885/sizes/o/"><img alt="Malicious Site" border="0" height="375" src="http://farm4.static.flickr.com/3609/3594094885_642aeb28a2.jpg" width="500" /></a></p> <p>The emergence of this type of threat distribution method demonstrates how cyber criminals are adjusting and evolving to the newer services offered on the Internet.&nbsp; It&rsquo;s especially dangerous with sites like Twitter, which offer up to the second updates (or live tweets) of events as they unfold in real time.&nbsp; In the future, sites which promote an unfiltered and open dialog through a global hive of users will have to think twice about the potential threats exposed by features or even API services that they offer.&nbsp; &nbsp;&nbsp;</p><img src="http://pandalabs.pandasecurity.com/aggbug.aspx?PostID=1003" width="1" height="1">RoguewareTwitterflash_player_plugin.exeTrends