Koobface Comes to Twitter: Are You Protecting Yourself?
15 Jul
Posted by kenya as Security, Social Networking
With Twitter’s relatively new popularity come those who want to exploit it for financial or other type of gain. A few weeks ago Twitter users were being sent links to malware. Those who clicked the links were directed to a site where malware was downloaded. The malware then sent out links from the newly infected computer using the user’s Twitter account. It connects to other social networks that the user may be logged into as well. The malware primarily affects the Windows operating system and the anti-virus programs are not likely to detect it because of it’s dynamic nature. This is the same trojan that has proliferated on MySpace and Facebook.
Suspicious Links
Twitter responded by suspending infected accounts and resetting passwords. This, however, will not help you protect yourself from scammers. There are numerous ways that suspicious links are sent. One method involves Twitter accounts unknown to you sending you links. These are easy to ignore. The more effective manner is for malicious programs to send links to you from people you already know and trust which is why these malware programs are hard to avoid.
URL Obfuscation
Getting people to click on links has been successful because the malware takes advantage of the URL obfuscation created by URL shortening services. Given that, it may be effective to avoid clicking on links all together. However, avoiding links completely would likely make your Twitter experience less enriching. One does not have to resort to such drastic measures. Many URL forwarding services provide functionality to preview a link. Here are examples from TinyURL and bit.ly:
| Service | Shortened URL | Preview |
| bit.ly | http://bit.ly/VZQuF | http://bit.ly/VZQuF+ |
| TinyURL | http://tinyurl.com/mumt6s | http://preview.tinyurl.com/mumt6s |
URLs Revealed
Instead of manually typing the URLs, you can use Twitter clients that allow you to see the actual URL. My favorite client that allows this is TweetDeck.
If you prefer the web client, you can use the Power Twitter Firefox extension. Not only does Power Twitter expand short URLs but it also displays photos and video inlne in your Twitter stream.
Another option if you are using the web interface is the Long URLs Please Firefox extension. It will expand URLs on any web page which is good for other sites where you may see shortened URLs as well.
Other options include looking at your Twitter stream using Friendfeed as it automatically expands short URLs. Many people are already reading tweets on Friendfeed due to various changes to the Twitter service so it may not be that much of a stretch to use Friendfeed to see links as well. (Of course, your Twitter friends have to be Friendfeed users as well.)
I applaud Twitter for trying to the curb the proliferation of Koobface but it’s really up to the users not to get infected: we need to be aware of what we are clicking. Tools like TweetDeck, Power Twitter, Long URLs Please and FriendFeed can help you make informed decisions about what you click before you click it.
You might also be interested in:
Subscribe via Email
Categories
Recent Posts
Comments
Tags
Topics
Recent Posts
Recent Comments
- Deenice on Fresh Robot at Alibaba Booth at #CES
- Roque on One Does Not Simply Drive a Lexus to Mordor
- BloomWorlds on Android: How Open is Open?
- Kenya on Android: How Open is Open?
- wardell latham on Android: How Open is Open?
- Kenya on Good Find: Volume Knob Earbuds
- Doug on Good Find: Volume Knob Earbuds
- Kenya on Fake Antivirus Holds Your System Hostage
- Kenya on Geek Girl Gone Wild: My New Tiny PC
- Kenya on Geek Girl Gone Wild: My New Tiny PC