Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Rogue Timer Application Plagues Twitter Users

Sophos : 15 March, 2011  (Technical Article)
Sophos is warning users of the Twitter social network site of a malicious application that times membership of social networking sites

IT security and control firm Sophos is warning Twitter users to be cautious, following the discovery of new rogue applications designed to help scammers earn money by spreading links that point to online surveys.


Following attacks this weekend, which saw users spreading messages about a girl who killed herself and how addicted they were to Twitter, new messages are appearing on Twitter today claiming to count how long users have been members of the social networking website.  Offending tweets contain a variation on the following text, with the amount of time shown differing between users:


     "I have spent 379 days, 9096 hours on Twitter. How much have you? Find out here: [LINK]"


The messages, posted by an application called "Your Online Timer", include a link which - if clicked on by other Twitter users - will encourage them to authorise "Your Online Timer" to access and update their Twitter accounts.  If the application is approved, users will be taken to a website which claims it will find out the time spent to date on Twitter - and the page pops up a survey which earns the scammers money for each questionnaire completed.  In addition, without explicit approval, the Twitter account of the victim is updated with a status update - spreading the link virally to other Twitter users.


"Viral scams like this are commonly encountered on Facebook, but are now being spread by their creators onto Twitter too. It's possible that the people behind these attacks view Twitter users as a softer target, who might generate them more income," said Graham Cluley, senior technology consultant at Sophos. "Social networks have a responsibility to protect their users from scams and spam - but ultimately it's down to the user to think very carefully before handing over the keys to their social network account to a complete unknown application."


Affected users should revoke the application's access to their Twitter account immediately.  This can be done by entering Settings/Connections and revoking the rights to the relevant application.


"If the application's access to your account is not revoked, the scammers could use it to spread other messages - potentially including links to malicious websites, phishing or other spam campaigns," explained Cluley. "The last thing you want is for your Twitter followers to believe that you are being sloppy over your account's security, and potentially putting them at risk too."

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo