WebProNews

Typical scheme offers porn, applies Trojans

Criminals placed a profile on Twitter linked to a video that delivers multiple Trojans seeking banking information from the machines they infect.

The simplest schemes work, which is why online thieves try them again and again. Create a Twitter profile, drop a link to a sex video into the Twitter stream, and wait for people to click it and accept the Trojan download.

As security vendor Kaspersky Lab noted, this latest effort brings ten banker Trojans onto a machine. The malware pretends to be an update to Adobe's Flash Player, and the Trojans masquerade as MP3 files.

Unless one's PC contains an updated antivirus program, their next visit to a banking site affected by these Trojans will be compromised, with their login details sent to the criminals behind the fake Twitter profile.

It isn't the first time someone has tried to capitalize on Twitter's success with this kind of attack. Kaspersky said they have seen these used successfully since the end of 2007.

"This technique does not require any serious programming skills – buy some Trojans, upload them onto a web server and create a chain of Twitter profiles following each other," the vendor said.

As serious as a problem it presents to users of Twitter, as well as to people who find these profiles in search engines, it's also a concern for Adobe. John Dowdell at Adobe fretted about how the public will perceive the company if they get their bank details stolen after downloading a fake Adobe Flash update.

"Adobe is not directly involved, but the infection relies upon using the existing goodwill towards the overall Adobe Flash ecology... without all those sites which made Flash a standard, this social exploitation would not work," he said.