Twitter DMs from your friends can lead to Facebook video malware attack

Graham Cluley
Graham Cluley
@[email protected]

Tweetie birds. Image from ShutterstockHave you received a Twitter message from an online friend, suggesting you have been captured in a Facebook video?

A number of Naked Security readers have been in touch in recent days regarding a variety of direct messages that have been spammed out from compromised Twitter accounts.

The aim of the messages? To trick the unwary into clicking on a link.. and ultimately infect computers.

Here is one example:

Sign up to our free newsletter.
Security news, advice, and tips.

Twitter direct message

your in this <Link to page on> LoL

And here’s another. Note that there are many different combinations of wording that can be used.

Twitter direct message

you even see him taping u <Link to page on> thats awful

Users who click on the link are greeted with what appears to be a video player and a warning message that “An update to Youtube player is needed”. The webpage continues to claim that it will install an update to Flash Player 10.1 onto your computer.

Malicious webpage

In this example, the program you are being invited to download is called FlashPlayerV10.1.57.108.exe, and is detected by Sophos anti-virus products as Troj/Mdrop-EML, a backdoor Trojan that can also copy itself to accessible drives and network shares.

Quite how users’ Twitter accounts became compromised to send the malicious DMs in the first place isn’t currently clear, but the attack underlines the importance of not automatically clicking on a link just because it appeared to be sent to you by a trusted friend.

If you do find that it was your Twitter account sending out the messages, the sensible course of action is to assume the worst, change your password (make sure it is something unique, hard-to-guess and hard-to-crack) and revoke permissions of any suspicious applications that have access to your account.

Birds image from Shutterstock.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.