Home Editor's News Twitter DM protection bypassed with new attack vector

Twitter DM protection bypassed with new attack vector

January 23, 2014 | Posted by Dan Raywood

A new Twitter spam campaign has been detected, which gets around safety blocks within the direct messaging (DM) functionality.

 

According to Malwarebytes researcher Christopher Boyd, the tactic sees attackers compromise legitimate accounts and send links to Tweets posted by spam profiles / other compromised accounts, rather than send a direct URL.

 

“They are compromising legitimate accounts then sending links to Tweets posted by spam profiles/other compromised accounts. The linked Tweet will then send the end-user to the desired spam page,” Boyd said.

 

He claimed that users are sent to pages, and in one case it was a diet tips page, and it was possible that there are other URLs being used in this particular campaign.

 

He recommended implementing two-factor authentication, considering the length and strength of your password and adding two-step security to the email address tied to your Twitter account, too.

 

He said: “Yes, you should be two-stepping all over your email account too. You’re trying to make yourself as hard a target as possible with endless, hoop-jumping layers of security for the would-be thief to throw up their hands and go “eh whatever, next target please.”

 

Commenting, Carl Leonard, senior manager of Websense Security Labs told IT Security Guru this is a case of attackers trying to get around the controls put in place and get past the obstacles that present a barrier.

 

“The blocking of URLs in Twitter DMs was implemented in October 2013 as a result of a chief executive receiving a DM with a malicious URL in it,” he said. “We are still seeing scams on Twitter which are after credentials, while we see typosquats that collect details. With any social network we see scams and malicious efforts across the board, as attackers are constantly trying to get past the barriers.”

Recent

GCHQ offer summer student cyber camp in Cheltenham

GCHQ is to launch a ten-week cyber training summer programme for first or second year university students who have an interest in cyber.   Aimed at those who are skilled in at least one computer language or who have an interest in cyber beyond that of their university studies, the Cyber Insiders Summer School will (…read more)

March 2, 2015

Uber informs drivers on potential breach of 50,000 records

A database of drivers who work with the Uber app was accessed last May, resulting in the possible theft of information on 50,000 drivers.   In a statement, Uber managing counsel of data privacy Katherine Tassi said that it identified access to the database by “an unauthorised third party” and a small percentage of current (…read more)

March 2, 2015

Iran named as being behind attack on Las Vegas “Sands” resorts

Iran has been named as the perpetrator of an attack on a Las Vegas casino last year. After the Sands hotel and casino chain was attacked in February 2014, James Clapper, US director of national intelligence, told the Senate Armed Services Committee that the attack was by Iranian attackers which hit many of the systems (…read more)

February 27, 2015