Cyber criminals use different ways to compromise users. One of the best ways they use is social engineering. They exploit people's innocence to fool them into downloading a malicious file, thereby stealing user information or getting them to download fake products. Though we use different antivirus products to keep our systems secure, a few malware samples escape detection. An analysis of one such case, which uses Twitter for social engineering, is below.
I was surprised when I received a mail from Google Groups. The reason for the surprise was that an open source Twitter IM client had been released. The mail explained the features of Twitter IM and provided a link to download it.
The moment I was about to click on the link, I felt the link was suspicious. So I decided to open the link in a virtual environment.
Yup. What I suspected was correct. It opened a usual Flash page which required a Video ActiveX Object. But the Flash page was not like a usual fake YouTube page. It resembled Windows Media Player, which requires a codec to stream the video.
After some time I contacted the same URL “hxxp://abcde.com/twitterimdownload” to check if the domain was still active. This time it displayed a Flash page, but it had a different theme which was not like the previous one.
This again downloaded the same file, “install.exe”, from the remote server. But there were no detections for the file except three.
Cyber criminals are targeting social networking sites, or using the names of social networking sites, to carry out such activity. This is because the number of users on social networking sites is larger than on other sites. Moreover, people who use social networking sites are not too technical, which is a great advantage for cyber criminals. Let's be aware of such social engineering.