Experts at Panda Security have warned of festive malware threats spread via Twitter that capitalise on popular trending topics.
The vendor’s PandaLabs unit said that thousands of tweets have been sent using festive phrases such as ‘Nobody cares about Hanukkah’ or ‘Shocking video of the Grinch’, along with short URLs pointing to malicious web sites.
Clicking on the link will take the user to a page that infects systems with fake codecs by exploiting the CVE-2010-2883 security hole in PDF files.
The link tries to trick users into downloading a codec that is actually a Trojan, which in turn downloads more malware onto the compromised computer, explained PandaLabs.
“Social networks are becoming increasingly popular among hackers as a vehicle for spreading malware,” said PandaLabs technical director Luis Corrons.
“Facebook and Twitter are commonly exploited with malicious ends, given their ever-increasing number of users and the false sense of security that they have as regards to posting content. That’s why the number of clicks, and therefore infections, tends to be very high.”
Panda Security warned people not to click on suspicious links, or download anything if prompted to do so after following a link, and to keep machines up to date with the latest anti-virus protection.