‘Better sex’ Twitter phishing attack sweeping social media

26 Feb 2010

If you’ve been blushing at direct messages (DMs) from people you know on Twitter telling you how to achieve better sex, be warned. It is a clever ploy by hackers to phish users’ passwords and power future attacks on search-engine searches.

Twitter users around the world have had their accounts hijacked by a viral phishing hack that sends out messages saying “this you?” or “hey, I’ve been having better sex and longer with this here” via direct message.

The attack began on Thursday and its aim is to encourage people to sites that hijack the account and install malware which then steals passwords.

Tweets and Direct Messages (DM) containing phases such as ‘This you??’ or ‘LOL is this you’ are linking victims towards a Twitter login phishing page. If the bait is taken and the victim enters their password, Twitter’s infamous “fail whale” is displayed and the user is returned to their account. They might not even realise that their account details have been compromised.

Phishing attacks target Twitter

“Phishing attacks directed against Twitter are not new. But what’s the point?,” asked security company F-Secure in its blog. “Trust.Peers within a social network have a greater level of trust amongst themselves.

“And so why the recent attacks? We think it could have something to do with some of the recent search-engine deals that have been made. Yahoo announced that they’ll begin to include Twitter’s real-time feed into their search results and Facebook is now included in Google’s search results.

“The bad guys can use social-networking trust to enhance their SEO attacks,” F-Secure warned.

F-Secure warns users to be always be careful when searching for hot topics.

“This ‘sea world trainer killed’ example (pictured) is currently being used in (search engine optimisation) SEO attacks and many results will lead directly to scamware. There’s also a Facebook result in the example. We expect to see fresh phishing attacks against Facebook before too long.

“Twitter’s Safety and Spam feeds are useful to follow if you have a Twitter account. Twitter’s working on the issue now by prompting those that received phishing messages to change their password.

“There is a silver lining to all of this… while social networking trust can be abused, social networks themselves are incredibly responsive to emerging threats. Check out the latest search results for ‘This you??’. Twitter users are already spreading information to counter the disinformation pushed by the bad guys.

“It used to take weeks to stamp out email hoaxes. Now, the issue almost corrects itself as quickly as it is abused,” F-Secure said.

By John Kennedy

Twitter logo

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years