Rogue malware attack seeps into Twitter

The attacks are reported to be spreading through Twitter in the form of posts from hijacked user accounts.

The attack contains the words 'best video' and a link to an external domain.

Upon clicking the link, the user is taken to a fake video page which also launches a background attack script.

The script attempts to install and launch a maliciously crafted PDF file which delivers the actual malware payload.

Rather than infect users with data-stealing malware or botnet controllers, the Trojan installs a fake security program called 'System Security.'

As with other rogue antivirus products, System Security presents false malware scans and alerts in an effort to dupe the user into paying money for a non-functioning security tool.

Since word of the attack first emerged, Twitter said that it has moved to suspend the offending accounts and resolve the issue. Users are being advised not to click on the suspicious links.

Kaspersky researcher Roel Schouwenberg suggested that the attacks may be related to a phishing run recently spotted on the site. Shouwenberg suggested that the compromised accounts were the same being used to post the attack video.

"This attack is very significant. It would seem that at least one criminal group is now exploring the distribution of for-profit on Twitter," he wrote in a blog posting.

"If the trends we've seen on other social platforms are any indicator for Twitter then we can only expect an increase in attacks."