Twitter Worm Pushing Rogue Anti-Virus Scam

The scam is spreading through malicious links abusing the goo.gl URL shortening service. According to Kaspersky Lab, the malicious links redirect users to different domains with a ‘m28sx.html’ page. That HTML page redirects users to a static domain with a Ukrainian top-level domain. From there, blogged Kaspersky Lab Senior Malware Researcher Nicolas Brulez, the domain redirects the user to an IP address pushing fake anti-virus.

“Once you are on this website,” Brulez blogged, “you will get [a] warning that your machine is running suspicious applications and you are encouraged to scan it…The user is invited to remove all the threats from their computer, and will download a fake Anti Virus [sic] application called “Security Shield”.”

It can be trouble when you don’t know where the link you’re clicking will take you, but it’s even worse trouble to let any random website “scan” your computer and install software to help you “fix” whatever it found.

via Twitter Worm Pushing Rogue Anti-Virus Scam – Security – News & Reviews – eWeek.com.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s