There appears to be a bit of a mad dash to infect people by the boatload on Twitter, with a variety of different messages being sent to random targets:
Click to Enlarge
The above account endlessly says “Wow, a marvelous product”. Click the link, and you might be redirected to some sort of paid movie service:
If you’re unlucky, however, you’ll end up at a URL such as fqsmydkvsffz(dot)com/tre/vena(dot)html, where PDF exploits await.
We detect the above as Exploit.PDF-JS.Gen(v). Some of the other phrases used for this spamrun include:
Wow, An incredible Product
Wow, A shocking Discovery
Watch This
I Just Cant Beleive This
Wow, A stunning Product
Wow, A Revolutionary Product
Wow, A fascinating Site
This isn’t the first malicious spamrun on Twitter, and it certainly won’t be the last. With that in mind, it might be best to avoid random links sent to you from strangers. You never quite know what’s at the other end…
Christopher Boyd
/ Hat tip to Ed Bott who sent over one of the links last night.