Its now the turn of Twitter!

A new spammed malware attack is impersonating messages from micro-blogging site Twitter.

Researchers at Symantec said that the attack poses as an invitation to join Twitter with the message: ‘Your friend has invited you to Twitter.’ The message also contains images of the Twitter logo and front pages.

Rather than send the user to Twitter by way of a URL, however, the message asks the user to open an attachment under the name ‘InvitationCard.zip’. On launching the attached file, the user is infected with a malicious worm that attempts to send out mass email messages.

Users are advised not to open the invitation attachments or any other unsolicited or suspicious email attachments.

“As Twitter continues to gain popularity among social networking users, people are regularly receiving invitations and email updates from fellow users, ” wrote Symantec researcher Sammy Chu in a blog post.

“We expect that spammers will continue to use Twitter and other popular social networks as bait in their attacks.”

The practice of disguising malware as email attachments and greeting cards is not new. Attacks such as the infamous Storm worm were routinely spread under the guise of greeting card attachments.

Attacks targeting Twitter have also become more common in recent months as the site has seen its popularity soar. Attacks have ranged from account-stealing hacking attempts to cross-site scripting attacks and malware distribution attacks.

source: http://www.vnunet.com/vnunet/news/2244458/malware-threat-targets-twitter

Facebook Worm!

A general word of caution to all facebook users- considering its one of the most popular social networking sites, i guess is a general caution to all.

There are several worms doing the rounds on facebook – the most recent of them being the koobface.
the modus operandi is the same- send a link through a message, considering its coming from a friend, you tend to visit it, after that it downloads a trojan onto the system. Now the scary part is that its using the macromedia / activex route to run this exploit.
its asking for the update, its downloading a worm onto the system, and then when you visit facebook the next time, it gets your username / password and replicates itself. from the facebook account. It has appeared to have been more complext through a greater level of automation than before. So next time a message comes from a friend, please check the message before visitng the site.

More :
http://news.cnet.com/facebook-fights-new-koobface-worm-another-rogue-app/
http://www.techcrunch.com/2008/08/07/elaborate-facebook-worm-virus-spreading/