Page 1 of 2
Twitter users were hit with a virus attack Tuesday in the form of a rogue application that promised to show them how many people "unfollowed" them.
The attack spread virally across the Twitter network, affecting thousands of users who installed the rogue application in an attempt to view who dropped them from their networks. Once installed, however, the attack was spammed out to every one of the user's followers.
The attack uses simple social engineering, exploiting users' curiosity about who has unfollowed them. A typical message, which appears to come from someone the user knows, reads "58 people have unfollowed me. Find out how many have unfollowed you."
Upon clicking on the links contained in the message, users are then asked to give permission for a third-party application to access their Twitter account.
"Don't, whatever you do, press the 'Allow' button," said Graham Cluley, senior technology consultant for Sophos, in a blog post Tuesday. "If you do, then a third party is now capable of tweeting message in your name to all of your Twitter followers – which spreads the scam virally across Twitter and may result in one of your online friends also having their account compromised."
Users who click the "Allow" button are led to a fake Web site that initially appears to reveal the desired information. In actuality the site presents users with an online survey. Scammers launching the attack make a profit on every completed survey, Cluley said.
"Don't make it easy for scammers to make money in this way, and always exercise caution about which third party apps you allow to connect with your social networking account," Cluley said.
Security experts contend that there will almost certainly be an uptick of "unfollowing" scams as more users are assimilated into the ranks of Twitter followers.
James Reid, threat research manager at security firm Webroot, said that Twitter is experiencing a surge of late comers to its platform, however many of those late adopters don't have the same level of security awareness as those that previously joined the network.
"More and more people are adopting these kinds of social media as primary ways to communicate with friends and family," Reid said. "As more and more of these people are jumping on board, less are as computer savvy as the earlier adopters, and the risk is actually increasing. And the hackers are aware of this."
Thus far, the latest Twitter scam doesn't appear to download malware onto users' computers. However, the "unfollow me" lure could easily be used to spread malicious code, Reid said. A viral spread of malicious code on Twitter could be especially destructive on a corporate network, which often houses critical financials, intellectual property and other sensitive information, he added.