New Malware Campaign Uses Racist Obama Tweet, Fake FaceBook and YouTube Pages to Steal Your Data

Tags: , , , , , , , , , , .

Posted 4 years ago

Users of Twitter are being told to be aware of a new malware scam doing the rounds. Spotted by PandaLabs, Panda Security’s anti-malware laboratory, the new spam campaign takes it to a whole new level of elaboration in order to steal your private information.

Users of Twitter receive a direct message on Twitter telling them to click on a link to watch a video of President Barack Obama punching a guy who described him with a derogatory term (you can see a screenshot of the tweet here). If you are sent such a message, please do not click on it.

Anyone that clicks on the link is then taken over to a fake FaceBook page where they are asked to log in using their Twitter credentials. If you do this, your account will be hacked and malicious messages will be sent out to your contacts. But this is not all. Once an unsuspecting victim has handed over their Twitter information, they are then sent to another bogus FaceBook page, this time with a rogue YouTube page embedded in.

This page will display a message saying “An update for YouTube Player is needed”, and a supposedly handy install button is included. Anyone clicking on install will be unknowingly downloading the Koobface.LP worm, which will infect their computer and steal all their personal data.

In a press release about the scam, Panda Labs technical director Luis Corrons explains why it is so effective:

“This attack exploits the two most popular social networking sites, FaceBook and Twitter, to trick users into believing they are viewing a trusted site. It also relies on its victims’ curiosity by using a scandalous story involving U.S. President Barack Obama and racism. Cyber-criminals know people are curious by nature and take advantage of this to trick users and infect them with their creations.”

PandaLabs says that this is just the latest in a long line of cyber-scams that use Twitter direct messages to spread. Accounts receive dozens of messages each day with tempting links saying thinks such as “What exactly do you think you’re doing on this video clip”, “Hello this guy is saying bad rumors about u…,” and “Did you see this pic of you?”.

To ensure your data is protected, the message from Corrons is simple: “Never, ever, click the links within the text of those messages as they could infect your computer.”

“Every time you receive a direct message you should check with the sender that they have knowingly sent it to you. Make sure it has not been automatically forwarded to you from a hacked account. As a general rule, always keep your antivirus software up to date and be wary of messages offering sensational videos or unusual stories as, in 99 percent of cases they are designed to compromise user security.”

– Anthony Carter

Leave a Reply