Twitter DMs deliver malware

Posted by Emma Woollacott

Twitter users are receiving direct messages, purportedly from friends, alerting them to Facebook videos in which they are said to feature.

Messages include 'lol ur famous now [link]' and 'you even see him taping u [link] that's awful', along with a link to a Facebook page.

Users clicking on the link are directed to a message telling them that they need an update to YouTube player, and an offer to  install an update to Flash Player 10.1.

But, says Graham Cluley of security firm Sophos, "The program you are being invited to download is called FlashPlayerV10.1.57.108.exe, and is detected by Sophos anti-virus products as Troj/Mdrop-EML, a backdoor Trojan that can also copy itself to accessible drives and network shares."

It's not clear who's behind the attacks - or exactly how they're gaining access to Twitter accounts to send the messages. Direct messages can only be sent between users who follow each other.

"The attack underlines the importance of not automatically clicking on a link just because it appeared to be sent to you by a trusted friend," says Cluley.

Users who discover that their account's being used to send such messages should change their passwork and revoke permissions for any dodgy-looking applications that have access to their account.