I just read my RSS feeds and found an interesting write-up from Peter @ Intego about “Hacking twitter spread Mac malware”.
In the past, we have seen bogus blog profiles, such as those on Blogspot, created en masse to distribute FakeCodec malware, serving both Windows and Macintosh platforms. To reach more internet users, these bogus profiles are spammed across various legitimate online communities and social networking walls, and their operators also use analytics to poison Google search results. This has been a very effective distribution vector for these attackers, and it remains so to this day. An example is celebnudestars.net, which receives thousands of visits daily.
Now the social networking craze has led to a new dimension, as this year micro-blogging has sunk in with a dramatic increase in popularity. I have discussed this in my previous blog post, “The Allure of Social Networking”.
Micro-blogging services, of which Twitter is the most popular, are now a huge target. As with blogs, attackers have started to auto-generate bogus profiles to carry out malicious tasks.
Early this month, Dancho Danchev published his findings on the ZDNet blog in a post titled “Cybercriminals hijack Twitter trending topics to serve malware”, listing the keywords that lead to these bogus profiles, which in turn link to fake codec malware servers.
Malicious users may take advantage of a popular trend, just like in the screenshot below (source: http://www.stoptwitterspam.com).
In a nutshell, it is evident that these organized groups have resources already deployed and actively operating; it is now only a matter of time before we see Mac malware served through this vector.
It is important that users practice safe computing by applying security updates and making sure security scanners and tools are turned on.