RealTime IT News

Twitter URLs Again Under Siege by Hackers

Twitter's 140-character message limit is just enough space for the 55 million people who visited the site last month, but hackers are now exploiting this space limitation to spread a variety of malware through the microblogging community, and to do so quickly.

Symantec Connect's security team on Friday posted a blog entry warning tweeters to be especially vigilant when clicking on links contained within any of these 140-character messages.

The weakness stems from the URL-shortening services used on Twitter and other social networking sites and blogs, which truncate Web addresses into a few pithy characters. Users click on the shortened URL and, hopefully, are redirected to the legitimate site they intended to visit.

Hackers, who are having a field day with all these largely unsecured Web 2.0 sites, are using enticing tweets and commonly used Twitter search terms to lure users to sites hosting their malicious code.

"In order to address this issue, URL-shortening utilities have grown in popularity on the site," Symantec security honchos said in the blog posting. "There's one downside here, from a security point of view -- you'll often have no idea where the link leads until you click it."

"Clicking any link like this is entirely a security leap of faith," the blog entry warns.

Fortunately, the cure is fairly simple and painless. Firefox and Internet Explorer both offer browser plug-ins that will check a shortened URL and display the entire address before you click "send."

"While this won't tell you for sure if the link is malicious, it will at least allow you to look more carefully before clicking," Symantec said.
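What such a plug-in does under the hood is follow the shortener's redirect chain and show you where it ends, without loading the destination page. The script below is an added example written for this article, not Symantec's or any browser vendor's code. It issues HEAD requests and refuses to auto-follow redirects so that every hop is visible, caps the number of hops, detects loops, and flags a downgrade from https to http along the way. The `short.example`, `tracker.example` and `download.example` hosts and the `DEMO_REDIRECTS` table are constructed so the demo runs offline; `live_head` is the real network variant you would pass in instead.

```python
"""Expand a shortened URL by walking its redirect chain hop by hop.

Added example, not code from the article or from Symantec. The demo hosts and
redirect table are constructed; swap `demo_head` for `live_head` for real use.
"""
import urllib.error
import urllib.request
from urllib.parse import urljoin, urlparse

MAX_HOPS = 10


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Make urllib surface 3xx responses instead of silently following them."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def live_head(url, timeout=5):
    """Real HEAD request: returns (status, Location header or None).
    Only headers are fetched; the destination body is never downloaded."""
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(url, method="HEAD")
    try:
        with opener.open(req, timeout=timeout) as resp:
            return resp.status, resp.headers.get("Location")
    except urllib.error.HTTPError as err:  # 3xx arrives here because of _NoRedirect
        return err.code, err.headers.get("Location")


# Constructed redirect table standing in for the network (demo only).
DEMO_REDIRECTS = {
    "https://short.example/abc": (301, "https://tracker.example/r?id=1"),
    "https://tracker.example/r?id=1": (302, "http://download.example/update"),
    "http://download.example/update": (200, None),
    "https://short.example/loop1": (301, "https://short.example/loop2"),
    "https://short.example/loop2": (301, "https://short.example/loop1"),
}


def demo_head(url):
    """Offline stand-in for live_head using the constructed table."""
    return DEMO_REDIRECTS.get(url, (404, None))


def expand_short_url(url, head=live_head, max_hops=MAX_HOPS):
    """Follow Location headers from `url` and report the whole chain.

    Returns {"chain": [...every URL visited...], "final": last URL,
             "warnings": [...]}.  Warnings cover redirect loops, hop limits
    and https-to-http downgrades, which deserve a second look before clicking.
    """
    chain = [url]
    warnings = []
    seen = {url}
    current = url
    for _ in range(max_hops):
        status, location = head(current)
        if not (300 <= status < 400) or not location:
            break  # a non-redirect answer: this is where the link ends
        nxt = urljoin(current, location)  # Location may be relative
        if urlparse(current).scheme == "https" and urlparse(nxt).scheme == "http":
            warnings.append("downgrade from https to http at %s" % nxt)
        if nxt in seen:
            warnings.append("redirect loop back to %s" % nxt)
            break
        seen.add(nxt)
        chain.append(nxt)
        current = nxt
    else:
        warnings.append("gave up after %d hops; chain still redirecting" % max_hops)
    return {"chain": chain, "final": current, "warnings": warnings}


def describe(result):
    """Human-readable summary of an expand_short_url() result."""
    lines = ["  -> ".join(result["chain"]), "final: " + result["final"]]
    lines += ["warning: " + w for w in result["warnings"]]
    return "\n".join(lines)


if __name__ == "__main__":
    for start in ("https://short.example/abc", "https://short.example/loop1"):
        print(describe(expand_short_url(start, head=demo_head)))
        print()
```

The point of passing `head` as a parameter is that the same resolver can be unit-tested against a fixed table and then pointed at the live network; with `live_head` the script still never downloads the final page, so expanding a link is a read-only check rather than a visit.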

This isn't the first time—and surely won't be the last—Twitter and its users were targeted by malware purveyors.

Just last month, at least one botnet owner managed to infiltrate the site to use it as a botnet command-and-control channel. In that instance, the tweets consisted of encoded links created with the bit.ly URL-shortening service. The links then took users to sites hosting the malware and instructions for the bots.

Twitter officials were not immediately available to comment on this latest attack.

Symantec Connect's cautionary blog posting includes a video showing how tweets can be compromised and what tweeters should pay attention to before clicking on embedded links.

"While the misleading applications currently being served up in this manner all seem to look very similar today, we’re likely to see more variety in the future," Symantec's security team said.