As you frequent twitter users are probably noticing as of late, twitter has been having a whole slew of problems the past few weeks. I’m actually attempting to post something up there right now and it’s lying to me and saying it’s trying to update. I’m on to you twitter! I know you’re PROOOOBABLY on the verge of crashing right now [again] and that’s why you’re trying to make me feel as if my tweet has not gone unnoticed. Get your act together!
FIRST, twitter was suffering from DDOS attacks which were thought to be coming from somewhere overseas (countries will not be named), then they started being afflicted with phishing and spamming… and NOW we have to look out for botnets!
According to Mashable.com, there is something called an ‘obfuscated code’ that is being maliciously distributed via tweets. Quoted directly from the article:
“Obfuscated Twitter status messages are being used to send out new download links to malware that Symantec calls Downloader.Sninfs …
… Our investigation and analysis of Downloader.Sninfs is ongoing but has so far shown that it reads a specific Twitter.com RSS feed only once. The RSS feed is simply a text file similar to other RSS feeds found on other Internet sites. The RSS text file contains information as to where Downloader.Sninfs can find additional threats to download onto the compromised system. In this way the RSS file acts like a config file for the malware.”
The tweets will look like random mumbo jumbo garbage (you can try to spell out words from there if you feel so inclined, perhaps even start a make-shift cob job scrabble game out of it, but I assure you, it’s non-sequential garbage) and somehow manages to download malware. I don’t necessarily understand what is going on with this “obfuscated code” (which is a first for meeee because I usually understand everything I read) so you may want to stalk the experts to get in depth information. I figured I would bring you an eye opener in case you were curious what on earth is eating twitter alive. If you would like to know more on removing whatever you are infected with due to these botnets, please visit the Symantec website here to find removal instructions.