A lot of twitter users woke up today finding that their devices were sending out tweets without their permission. The only thing common between all the tweets from the users was that other than a goo.gl shortened URL link, it contained nothing else.
While, we do know that tweets with shortened URLs are not always a security threat, what we are still trying to figure out is how the accounts ofTwitter users was compromised. Were their usernames and passwords stolen or did someone send it out on purpose, this is something that is not clear at this point of time.
The SOPHOS blog also stated that “all of the offending Twitter messages examined, so far claim to have been posted by "Mobile Web" (Twitter's "lite" interface for generic mobile phone users) rather than users' normal clients such as Tweetdeck or Twitter for iPhone".
So, if your account is compromised or have received a suspicious tweet, delete it and change your password.
Stay Frosty... twitter users
When a user clicks on the URL, they are redirected towards a page which ends in ‘m28sx.html’.According to a post on the SOPHOS security blog, “If you make the mistake of clicking on one of the malicious goo.gl links you are ultimately taken to a website which attempts to scare you into believing that you have a virus problem on your computer. You are then frightened into installing malicious code on your PC, and asked to pay money to disinfect your systems”.While, we do know that tweets with shortened URLs are not always a security threat, what we are still trying to figure out is how the accounts ofTwitter users was compromised. Were their usernames and passwords stolen or did someone send it out on purpose, this is something that is not clear at this point of time.
The SOPHOS blog also stated that “all of the offending Twitter messages examined, so far claim to have been posted by "Mobile Web" (Twitter's "lite" interface for generic mobile phone users) rather than users' normal clients such as Tweetdeck or Twitter for iPhone".
So, if your account is compromised or have received a suspicious tweet, delete it and change your password.
