Hackers may be launching phishing attacks on microblogging service Twitter in order to place malicious links on popular search engines, according to a security software vendor.
A large number of Twitter accounts – including that of UK Energy Secretary Ed Miliband – have been compromised this week and are being used to distribute links to malicious websites.
According to F-Secure, this may be motivated by the fact that web search engines including Google and Yahoo! now place Twitter messages relating to a search term on the first page of their search results.
On the company’s website, F-Secure security advisor Sean Sullivan said that hackers could be using compromised Twitter accounts to distribute links to malicious sites, by juxtaposing them with popular search terms. “The bad guys can use social networking trust to enhance their search-engine optimisation attacks,” Sullivan wrote.
Often these malicious links direct victims to a site that launches a supposed security scan and asks the user for permission to run it. Granting that permission in fact downloads a piece of malware, such as a Trojan or worm, onto the victim’s computer.
Such a strategy will only become more successful as search engines give greater prominence to content from social networks. Google recently added status updates from Facebook users to its search results, and “we expect to see fresh phishing attacks against Facebook before too long,” Sullivan wrote.
If F-Secure’s analysis is correct, it is just one more example of how web-based security attacks are increasingly ‘blended’, in that they use a number of channels in concert. Some security vendors argue that this calls for increasingly ‘blended’ security tools that monitor web, email and social network traffic simultaneously, but it also heightens the need for end user education.