09 Sep 2008 10:20
Criminal hackers are using a Twitter page to target Orkut users, according to a security researcher.
In a blog, Chris Boyd, director of malware research for FaceTime, explained how a Twitter page is being used to lure victims. The Twitter page lists 17 followers, although each appears to be fraudulent. Boyd said Twitter had been notified.
The messages, written in Portuguese, attempt to get visitors to download a photo album. In order to view the album, users need to download a Flash update, which constitutes, in reality, the infection files. Boyd and his team have identified the infection as Orkon.
Once installed, the infected files perform various actions on the compromised desktop, such as attempting to gain Orkut account login information, or displaying a browser image of a man identifying himself as 'Trickster'.
Orkut has been targeted in the past, but Boyd said it was interesting that Twitter is being used as a vector. Boyd recommended that Twitter users should exercise caution if they see a Twitter page referencing an Orkut photo album, even if they don't use Orkut.
Story URL: http://news.zdnet.co.uk/security/0,1000000189,39486076,00.htmCopyright © 1995-2009 CBS Interactive Limited. All rights reserved
ZDNET is a registered service mark of CBS Interactive Limited. ZDNET Logo is a service mark of CBS Interactive Limited.