Malware-Carrying Twitter DMs Push Fake Facebook Links

Twitter users need to be on the lookout for a new round of malware-carrying spam messages that are coming from compromised accounts, possibly even from Twitter profiles they trust.

If you receive a direct message suggesting that someone has posted or tagged you in a Facebook video, beware. Clicking on the link could infect your computer with malware. According to the Sophos Naked Security blog, the direct messages are not originating from spam accounts, but instead compromised accounts of friends – which makes it even more likely that a careless user could fall victim.

Although the messages vary, the common thread between all of them is that they contain a “facebook.com/________” link and mention that a video of you has been posted on Facebook. “Your in this facebook.com/________ video, LOL” reads one spam message, while another says “you even see him taping u, that’s awful.”

When an unsuspecting user clicks on the link, they are shown a YouTube video player and prompted with a message that says, “and update for YouTube player is needed. It says that it will install Flash Player 10.1 onto your computer, but instead installs “Troj/Mdrop-EML, a backdoor Trojan that can also copy itself to accessible drives and network shares,” according to Sophos.

Of course, clicking on any link in a direct message that links you offsite is risky, and the fact that these messages are coming from trusted sources makes it especially tricky. However, the fact that the messages contain various misspellings and gramatical errors should suggest to the discerning user that they might not be legit.