We saw an interesting social engineering technique on Twitter this morning. It relies on the natural curiosity anyone feels when their Twitter username is mentioned.
[WARNING: STRONGLY SUGGEST YOU DO NOT VISIT THE URL IN THIS EXAMPLE.]
These Twitter accounts are driven by a robot which scans the public Twitter timeline looking for Tweets that mention certain keywords.
I sent a Tweet mentioning the word ‘Kindle’ and within seconds the following Tweet was sent, drawing my attention to it by addressing my Twitter username @Drivelry.
Inspection of the user ‘neuroezrk’ shows that they are Tweeting fairly random text in a number of different languages, each Tweet with a URL attached and each addressed to a different person.
They follow nobody and nobody follows them.
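The indicators described above (a reply that arrives seconds after the trigger, carries a URL, comes from an account with no followers and no followings, and sits alongside a stream of similar Tweets in mixed languages each aimed at a different user) can be turned into a simple scoring filter. The code below is an added example and is not part of the original post or of any Twitter tooling; the account and Tweet data are constructed samples, and the signal weights and the threshold of 6 are assumptions chosen for illustration.

```python
"""Heuristic scorer for keyword-triggered mention spam (added example, not from the post)."""
import re
import unicodedata
from dataclasses import dataclass

URL_RE = re.compile(r"https?://\S+", re.I)
MENTION_RE = re.compile(r"@(\w+)")


@dataclass
class Account:
    handle: str
    followers: int
    following: int
    recent_texts: list  # the account's last few Tweets (constructed sample data)


@dataclass
class MentionTweet:
    author: Account
    text: str                    # the reply that mentioned us
    seconds_after_trigger: float  # delay between our Tweet and the reply


def scripts_in(text):
    """Unicode scripts (LATIN, CYRILLIC, CJK, ...) used by letters in text, URLs removed."""
    scripts = set()
    for ch in URL_RE.sub("", text):
        if ch.isalpha():
            scripts.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return scripts


def broadcast_pattern(texts, min_tweets=3):
    """True when every recent Tweet carries a URL and each one targets a different user."""
    if len(texts) < min_tweets:
        return False
    targets = [MENTION_RE.findall(t) for t in texts]
    if not all(URL_RE.search(t) and m for t, m in zip(texts, targets)):
        return False
    first = [m[0].lower() for m in targets]
    return len(set(first)) == len(first)


def score_mention(tweet):
    """Return (score, reasons). Weights are assumed values, not from the post."""
    score, reasons = 0, []
    acct = tweet.author
    if acct.followers == 0 and acct.following == 0:
        score += 3
        reasons.append("author follows nobody and has no followers")
    if URL_RE.search(tweet.text):
        score += 2
        reasons.append("reply carries a URL")
    if broadcast_pattern(acct.recent_texts):
        score += 2
        reasons.append("recent Tweets each carry a URL and target a different user")
    scripts = set().union(*(scripts_in(t) for t in acct.recent_texts)) if acct.recent_texts else set()
    if len(scripts) >= 3:
        score += 2
        reasons.append("recent Tweets span %d scripts: %s" % (len(scripts), ", ".join(sorted(scripts))))
    if tweet.seconds_after_trigger <= 30:
        score += 1
        reasons.append("reply arrived within seconds of the trigger Tweet")
    return score, reasons


def is_mention_spam(tweet, threshold=6):
    return score_mention(tweet)[0] >= threshold


# Constructed sample data (not the real bot's Tweets); example.invalid never resolves.
SPAM_BOT = Account(
    handle="spambot_example", followers=0, following=0,
    recent_texts=[
        "@alice buy icons cheap http://example.invalid/a",
        "@bob новые иконки здесь http://example.invalid/b",
        "@carol 図標をどうぞ http://example.invalid/c",
        "@dave iconos gratis http://example.invalid/d",
    ],
)
SPAM_REPLY = MentionTweet(SPAM_BOT, "@drivelry Kindle icons here http://example.invalid/k", 4.0)

FRIEND = Account(
    handle="friend_example", followers=120, following=80,
    recent_texts=[
        "Coffee first, then the weekend",
        "@drivelry mine arrived last week, battery life is great",
        "Anyone else see the match last night?",
    ],
)
LEGIT_REPLY = MentionTweet(FRIEND, "@drivelry I have one too, the screen is great outdoors", 900.0)

if __name__ == "__main__":
    for t in (SPAM_REPLY, LEGIT_REPLY):
        s, why = score_mention(t)
        print(t.author.handle, s, "SPAM" if is_mention_spam(t) else "ok", why)
```

Each signal on its own is weak (plenty of new accounts have no followers, and plenty of genuine replies carry links), which is why they are combined and thresholded rather than used individually; the script check catches the "random text in a number of different languages" pattern without needing a language detector.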
Scanning the URL with the Sucuri security scanner reports that the target page is infected with malware (possibly code designed to exploit unpatched versions of Internet Explorer).
The page is also designed to sell icons, so it may be that the page owner is not even aware there is malware present. My JavaScript knowledge is not good enough to verify Sucuri’s analysis and whether it is correct.
However, whether or not the site is infected, the technique is definitely one which can be exploited by attackers.
Article posted by @Drivelry on August 16, 2010
Filed under: hacking, social engineering, Twitter