Recently, Twitter implemented technology to help stem the threat of malicious URLs being propagated though its service. This approach seems to be a great effort on the part of Twitter to prevent attackers from tweeting malicious links.
It appears as if the tool is filtering tweets and comparing any embedded URL to their list of known malicious sites. Trying to determine whether a URL points to a malicious website in a large-scale automated fashion, especially in today’s threat landscape, is a challenging problem. From my perspective, there are a few issues that need to be worked out. Twitter is likely in the nascent stages of addressing these types of issues and we expect they will try to overcome the associated limitations.
To date we've only seen a relatively small number of attack attempts involving malicious URLs on Twitter. URL-shortening services are often at the heart of these types of attacks as bad guys try to take advantage of the system to disguise...
In previous blog postings, I talked about politically themed online malicious activity, focusing on what we observed during the recent U.S. presidential election cycle. Even though the election itself has long since been over, we are continuing to see similar political themes in today’s attacks.
As anticipation builds around President Elect Barack Obama’s upcoming inauguration ceremony, Symantec’s Threat Intelligence team analyzed a new wave of malicious spam messages with a “Presidential theme” that found their way into one of our vast number of global sensors.
The corresponding emails have subjects and bodies similar to the following:
Subject: You must look at this!
Our new president has gone
Yours truly, Dan Harrison ---
Subject: Breaking news
Barack Obama refused to be the president of the United...
