Twitter API Being Exploited by Drive By Malware

Drive-by exploit writers have been spotted using a popular Twitter
command to send web surfers to malicious sites, a technique that helps
conceal the devious deed.  According to researcher Denis Sinegubko, it’s
being added to heavily obfuscated redirection scripts injected into
compromised websites. The scripts, which redirect victims to drive-by
sites that attempt to exploit unpatched vulnerabilities in programs
such as Apple’s QuickTime. Read the full article. [The Register]

Drive-by exploit writers have been spotted using a popular Twitter
command to send web surfers to malicious sites, a technique that helps
conceal the devious deed.  According to researcher Denis Sinegubko, it’s
being added to heavily obfuscated redirection scripts injected into
compromised websites. The scripts, which redirect victims to drive-by
sites that attempt to exploit unpatched vulnerabilities in programs
such as Apple’s QuickTime. Read the full article. [The Register]

Suggested articles

Twitter OAuth API Keys Leaked

The OAuth keys and secrets that official Twitter applications use to access users’ Twitter accounts have been leaked in a post to Github this morning.

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.