How Malware Can Be Delivered Efficiently in Twitter
- 1
- Add a Comment
I follow Chris Pirillo on Twitter. He is among the hundreds of people whose one hundred and forty characters I read daily. If Chris posts a link in my Twitter stream, it is more than likely that I will click on that link and see what Chris has found interesting. I use Twitter in that manner with many people.
And that clicking can lead to loads of trouble if I am not careful.
There have been warnings of malware being delivered via Twitter for over a year now. The goal of a hacker / criminal is to have you click on a link. The malware that could infect your computer needs no further action on your part. If it is a ‘drive-by’ infection, that click will lead to unwanted, malicious software being installed. It is as simple as that.
If the hacker makes the page interesting, a person on Twitter may repost (called a “ReTweet”) a link. If just seven people repost and seven other people subsequently repost, that becomes forty nine innocent people spreading malware. The potential growth of that malicious link is frightening. Simply take that forty nine figure and multiple it several times.
The repost is just one way to spread the infection. On Twitter, there is space for a bit of personal biographical information and a space to post a link. People check that biographical link to see who is following. What if that link was malicious and not benign? The result could be an infected computer.
Recently, Chris Pirillo had an software offer. It was for Winpatrol. This is a security program that prevents malicious programs (malware) from installing, without your permission. Somehow, Chris Pirillo talked Bill Pytlovany into discounting the WinPatrol program by ten dollars. Bill Pytlovany, the driving force behind WinPatrol, happens to be among the people I follow on Twitter. He is “BillP” on Twitter. I spoke to Bill about my concerns and he reassures me that WinPatrol is an efficient line of defense for safer use of programs such as Twitter. He is extending Chris’ offer through the weekend, with the ten dollars off. [Thanks, Bill!]
I know I try to be careful on social networks like Twitter. I also know that I fall into careless moments and am not as vigilant as I should be. Hackers are counting on that. I know I would not go on Twitter now without WinPatrol.
Catherine Forsythe
One Comment
InternetNut
June 14th, 2009
at 1:28am
For all Windows 7 (and indeed its predecessor) informs me whenever it wants to install something, the reputation with Windows systems and security issues, I feel that it is simply not enough. Twitter is going to have to think very carefully about this one. Small URLs are necessary because of the limitation of characters - and if Twitter bans linking all together they will see a sharp decline in their member count.
All I can really think of at this time is that Twitter create a new limitation of characters, perhaps a separate field which can be filled only by a large link. Because of the problem with fake URLs are redirects, this may not be too efficient. Twitter may even have to devise something new for their site which can check links - but either way, if they want to continue to see their regular members, they mustn’t ban URLs.